Cloud Security Architect (GCP)
Internship London, UNITED KINGDOM Energy / Materials / Mechanics
Job description
Cloud Security Architect (GCP)
Big Bank Funding. FinTech Thinking.
Our technology teams in the UK work closely with HSBC's global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world's leading international bank.
Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.
We work in small, agile DevOps teams with colleagues around the world from our offices at the Bluefin Building in Southwark, our global headquarters in Canary Wharf, and multiple other locations around the UK including Sheffield, Leeds, Barnsley and Birmingham.
Following extensive investment across our Technology and Digital domains and with plans for continued expansion throughout 2020 and beyond, we are currently seeking an experienced Cloud Security Architect (GCP) to join HSBC Technology.
What you will be doing:
·
Identify, deliver, and document the required artifacts to enable movement of applications and data to the cloud securely. This includes understanding security requirements, cloud services and products awareness, solution architecture design and review, working with the cybersecurity organization to streamline governance.
·
Hands-on, directly interact with the engineering and application development teams and provide leadership to drive alignment on security requirements, influence decision makers, build relationships, and communicate strategy and architecture to the broader internal community. Be able to influence and work collaboratively to guide the developers, engineers and architects to deliver applications into the cloud securely and using reusable patterns.
·
Provide a detailed understanding of cloud security and cloud infrastructure services, threat landscape and attack scenarios, risks.
·
Possess significant breadth across other disciplines (e.g., enterprise security architecture, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Kubernetes, Docker, open stack), systems resiliency, service support, Secure application development lifecycle management (DevSecOps), and service delivery).
·
Lead through influence, communicate effectively through clarity of thought and demonstrated understanding of business and technical requirements.
·
Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business security architects, cloud platform teams, engineers, developers, application owners, service providers, and senior management.
·
Work with the Enterprise cloud security architects to produce secure standards for cloud services/products that require approval for use and follow the necessary governance processes.
Desired profile
Qualifications :
What you will bring to the role:
To be successful in this role you should have proven experience within the Technology sector with knowledge of the following skills:
·
Cloud (GCP) security architecture experience; additional AWS/Azure experience will be a plus
·
Demonstrable experience architecting, positioning and delivering cloud/internet facing applications
·
A proven track record working within an enterprise scale organisation
·
Ability to provide direction and guidance on architectural use cases and requirements
·
Ability to produce hardened configuration standards for cloud services
·
Threat modelling experience
·
Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, Python, JavaScript and understanding of software vulnerabilities and vulnerability remediation
·
Experience with Cloud formation and Terraform or Ansible.
·
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
·
Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
·
Cybersecurity expertise, keeping technical skills current and participating in multiple forums
·
Expertise in Agile
·
Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
·
Dev-ops and application security & data security experience
·
Experience of securing highly available internet banking application (desirable)
·
Solution architecture skills required
·
Knowledge of client side applications and micro services architecture
Desirable education requirements:
· University degree in a technical discipline
·
Preferred Certifications: Google Certified Engineer; AWS Security certification / Azure Certified will be a plus
This role is based in London.
Come Power a Business that Defines How to Power the World
As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC UK is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.
We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.