Key Accountabilities
- As part of a small, but fast-growing team, you will be the Subject Matter Expert (SME) to advise and guide customers on their cloud security journey and establish a long-term trusted advisor role
- Engaging with customers to help assess their cloud security posture and to ensure any subsequent cloud design and build is appropriately secured. This may be applicable to a customer’s single cloud, or multi-cloud environment, or when a customer wishes to move its environment from on-premise to the cloud
- Provide guidance to customers on their cloud security roadmap and assist on defining the right-size cloud security controls
- Liaise closely with the customer’s architects and engineers and advise, design and deliver innovative cloud security Proof of Concepts
- Evolve existing Rackspace security services, as well as implement new ones, under the ‘Cloud Security Service’ banner.
- Establish best-practices for the consultancy resulting in standardized engagement models and repeatable ways-of-working
- Mentor and train other security architects within the wider Rackspace Security Solutions Architecture community on modern multi-cloud security domains and topics
- Evangelize the security cloud-native paradigm through the delivery of blogs, customer presentations and public speaking engagements
- Deliver high-quality work to customers as part of consulting engagements that can be delivered through workshops, presentations or security solutions architecture designs
- Actively identify opportunities for new engagements
- Contribute to RFI/RFP requests
Skills & Experience
- The ideal candidate has a proven track record in designing and delivering innovative technology security solutions built on the cloud.
- As a Senior Security Architect, the person should have the ability to act as a thought-leader. The right candidate can concisely and articulately present to both technical and non-technical audiences.
- Experience of designing secure platforms on the major hyperscalers, AWS, Azure or GCP (GCP preferred).
- Demonstrable experience in designing secure cloud-native systems and/or rebuilding an existing system on the cloud with a suitable security posture.
- Demonstrable experience in the relevant legislation, industry regulations and industry standards such as ISR, EU GDPR, HIPAA, ISO27001, ISO 22301, ISO/IEC 20000-1, ISO 22301, NCEMA, NIST CSF, PCI DSS, Cloud Security Alliance CCM, CIS, OWASP and Cyber Essentials etc.
- In-depth knowledge of the Well-architected frameworks and best practices of the major cloud providers
- Must have the ability to lead engagements, either directly or as part of a larger programme of work and take ownership for the successful delivery of customer value within budget, time and scope.
- Acting as a thought-leader, the right candidate is able to concisely and articulately present to both technical and non-technical audiences.
- You have built specialist and demonstrable cloud security architectural knowledge in the following areas; Account governance, Identity and Access Management (IAM), Asset management and data protection, Infrastructure and platform security, Application security including threat modelling and secure CI/CD, Change management practice and detection capabilities, Boundary defence, Cloud Logging and Monitoring, Continues vulnerability and patch management systems, Incident response and threat mitigation, Cloud backup/recovery and disaster recovery (DR)
- Client-facing consultancy experience within large enterprises, but happy to deliver to SMBs
- You have an articulate opinion on the advantages of using public cloud platforms in a secure manner from a business perspective
- You can identify and plan to resolve the challenges, both technical and organizational, facing organizations who are moving their applications to the cloud
- Excellent communication and stakeholder management skills are required
- Certified as CISSP, CCSP and CISM is an advantage
- As the team services customers across EMEA you may be required to travel. You will align to the needs of the customer; therefore, some engagements can be performed remotely whereas others may require you to be on-site.
