Cloud Security Manager

Company Description

Crown Agents Bank is a vastly growing and regulated UK bank that connects emerging and frontier markets to the rest of the world, using FX and payments technology. We are transforming the way payments and FX move through emerging markets, reducing friction so that more money gets to those who need it. Emerging markets payments are usually challenging, expensive, unreliable and opaque. Our solutions help fix these pain points. Ultimately, we connect traditionally hard-to-reach regions to global financial infrastructure, giving access to the best prices and the fastest, most reliable settlement.

FX and cross-border payments are often complex and expensive, especially when operating in emerging markets. Crown Agents Bank (CAB) wraps its deep and trusted relationships and strength of network around innovative digital capabilities, and cross-border transaction banking solutions to enable fintech, corporates, governments, development organisations and banks to move money to, from, and across often hard-to-reach markets.

We are currently based in Sutton and we are expected to move to our new offices, in London Bridge in May 2024 

Job Description

This role will lead the implementation of cloud security strategies, policies, and frameworks. This role will need hands-on experience in the management of cloud solutions and APIs, and knowledge in multiple disciplines, including cloud security, IT, operations, architecture, development and people skills, to help bring the business and technical sides together.

Key Responsibilities

• Cloud Security Strategy: Assist in the development of the cloud security strategy to support the overall security strategy. This includes implementing strategic initiatives to enhance the cloud security posture.

• Cloud Security Governance and Compliance: Own the development and maintenance of cloud security processes, procedures, standards, and guidelines. Ensure compliance with these documents as well as applicable regulatory requirements related to cloud security.

• Cloud Security Tools and Controls: Contribute to the selection of enterprise tools that can be extended into the cloud, cloud-native security controls, and third-party offerings.

• Security Controls Configuration and Monitoring: Ensure that all cloud solutions are configured and maintained in line with the company security policies and industry benchmarks.

• Automation and AI: Implement relevant integrations with APIs and automation to enable automatic security control validation by third-party solutions. Adopt or build AI solutions for enhancing the overall company security posture.

• Incident Management: Coordinate incident response activities with the supply chain to ensure swift and effective handling of security incidents. This includes maintaining incident response plans and conducting post-incident reviews to identify areas for improvement.

• Cloud Security Decision Making: Define cloud security design principles and requirements to help make choices about which security tools and controls will be deployed, where, and from which vendors and sources.

• Stakeholder Engagement: Regularly liaise with various stakeholders, including business units, IT, legal, and external auditors, to ensure a unified approach to cloud security.

Qualifications

• An extensive background in IT/Cyber Security roles.

• Experience in securing cloud / cloud hybrid services (including IaaS, PaaS, and SaaS variances).

• A good understanding of AWS security is essential

• An excellent grasp of the security of applications, infrastructure, and networks. The ability to perform detailed, demonstrable engineering tasks in the security technologies that must be adopted for safeguarding an enterprise shall include at least two of the following components:

• Cyber / Web Security (Firewalls, DoS, Proxies, CDN / WAF, API Gateways etc.)

• Data Security (DLP, DRM, etc)

• IDAM (FIAM, SSO, etc). Experience with Microsoft AD

• Mobile Security (EMM, MAM, MDM etc)

• Cloud Security (NSGs, CA, AIP, ARM, Key Vaults, etc)

• Detailed working knowledge of infrastructure security requirements and good understanding of recognised information security management and governance frameworks ISO27001, NIST 800-53 & CSF, Cyber Essentials

• A recognized information security qualification (CISSP, CCSP, etc.). The following qualifications, or associated experience, are also desirable:

o Microsoft 365 Certified: Security Administrator Associate

o Microsoft Certified: Identity and Access Administrator Associate

o Microsoft Certified: Information Protection Administrator Associate

o Certificate Cloud Security Knowledge (CCSK)

o Good understanding of Agile Project Management approaches including Scrum and Kanban.

Additional Information

What's on Offer for the Candidate:

• Hybrid working
• Contributory personal pension plan: - Minimum: Employee 2% and Employer 7%. Employer matches contributions in 1% increments to a maximum of: Employee 5% and Employer 10%
• Life Assurance - 4 times annual salary
• Group Income Protection
• Private Medical Insurance - this may include cover for partner and or children at company cost. Cover includes Optical, Dental and Audiology
• Discretionary Bonus
• Competitive Annual Leave
• 2 Volunteering Days
• Benefit Hut