Senior Security Engineer

Job Summary We are seeking a highly motivated and experienced Cloud Security Hands-On Engineer to join SCB The Cloud Security Hands-on Engineer will be responsible for designing implementing and maintaining our cloud-based security infrastructure This will include developing a deep understanding of our cloud architecture identifying and mitigating potential security threats and vulnerabilities and collaborating with other teams to ensure our security measures are effective At least six years experience with 4 years of Information Security or engineering experience 2 years of direct experience in at least one Public Cloud AWS or Azure Work closely with Product Security Engineering Operations and Corporate Security to define security strategy and execute on it Implementing automation to enable developers to easily consume security services Improve the accessibility of security through automation continuous integration pipelines and other means Designing a secure application-release automation process to make security an integral part of the CI CD pipelines Experience in ML Engineering Applied AI Data Science with production deployments Enforce standard methodologies processes and tools and ensure compliance to enterprise architecture global information security policies and engineering strategy Validate adherence to AWS and Azure governance standards for policy definitions role-based access controls ARM Templates resource groups and Azure Blueprints Identify security tools and lead operationalization of solutions from POC to Production e g API Threat Protection Container Security etc Streamline POC processes Work with SRE and Engineering to implement a chaos-testing methodology and toolkit Integrating security tools issue tracking with Jira Implement automation to investigation and response workflows for Automated Incident Response Interview hire and create on-boarding plans for new or transferred employees Encourage others to seek opportunities for different and innovative approaches to addressing problems facilitate the implementation and acceptance of change Produce and streamline audit evidence Stay current on threats vulnerabilities and controls Familiarity with SecOps processes i e detection monitoring alerting and threat intelligence Hands-On Proficiency in scripting and coding using Bash Python IaC Terraform Cloud formation Azure ARM Participate in the entire lifecycle of software development including requirements analysis design development testing deployment and maintenance Tools like Junit Postman Burp Terratest Sentinel Misconfig test OPA etc Hands on experience in infrastructure provisioning configuration of provisioned infrastructure deployment of application and Plugins such as TFLint Checkov Docker Linter docker-vulnerability-extension Security Scan Contrast Security etc Extensive knowledge in analyzing the contents and the build process of a container image in order to detect security issues vulnerabilities or potential risks Open-source tools such as Dagda Clair Trivy Anchore etc can be leveraged for container image analysis Familiar with Open-source tools such as Jenkins etc can be leveraged to build the CI CD pipelines and DefectDojo and OWASP Glue can help in tying the checks together and visualizing the check results in a single dashboard Hands-On experience in Open-source tools such as truffleHog git-secrets GitGuardian and similar can be utilized to detect such vulnerable management of secrets Expert knowledge with integrating crucial security tasks into CI CD pipelines Strong knowledge of software development methodologies and the software development lifecycle Strong knowledge of container security and secrets management Working experience with configuration management Experience with Azure technologies in general such as Service Fabric Application Service Environment Azure Kubernetes Service Azure DevOps Azure Monitor Azure Sentinel Azure Defender Suite Azure SQL Cosmos Azure APIM Azure AD Azure OMS Application Insights Global Traffic Manager etc Experience with AWS technologies such as CodePipeline CodeBuild CodeDeploy CodeStar Guardrails Amazon ECS AWS Lambda etc Key Responsibilities Strategy Responsibilities that are related to the development and implementation of a strategy for example Awareness and understanding of the Group s business strategy and model appropriate to the role Business Responsibilities related to the delivery of business and or financial objectives for example Awareness and understanding of the wider business economic and market environment in which the Group operates Processes Reference the processes for which the Role Holder is responsible as per the Operational Risk Framework definition of first second line for example Responsible for executing and supervising the Budget process People Talent Reference all responsibilities related to people and talent matters for example Lead through example and build the appropriate culture and values Set appropriate tone and expectations from their team and work in collaboration with risk and control partners Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks Employ engage and retain high quality people with succession planning for critical roles Responsibility to review team structure capacity plans Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives Risk Management Responsibilities relating to identifying assessing monitoring controlling and mitigating risks to the Group as well as an awareness and understanding of the main risks facing the Group and the role the individual plays in managing them For example - The ability to interpret the Group s financial information identify key issues based on this information and put in place appropriate controls and measures Governance Responsibilities relating to the direction planning structure frameworks e g processes and policies and oversight For example Responsible for assessing the effectiveness of the Group s arrangements to deliver effective governance oversight and controls in the business and if necessary oversee changes in these areas Awareness and understanding of the regulatory framework in which the Group operates and the regulatory requirements and expectations relevant to the role Key stakeholders list all responsibilities associated with the management of stakeholders e g Application Development Community DevOps Engineering Security Architecture Security Engineering Control Owners Qualifications Training licenses memberships and certifications Experience with scripting and orchestration including Terraform Experience with Python Go Java or Ruby Experience in ML Engineering Applied AI Data Science with production deployments Strong programming skills in Python Pandas NumPy Scikit-learn TensorFlow PyTorch spaCy Transformers Experience working with DevOps tools for ex Bitbucket Jenkins and Artifactory Experience in DevSecOps pipeline security tools for ex OPA Sentinel Experience with Public Cloud platforms for ex AWS Azure or GCP Experience in API layer like security custom analytics throttling caching logging monetization request and response modifications etc Experience with Container platforms for ex Kubernetes OpenShift EKS AKS or GKE Experience in Security automation using Cloud services like AWS Lambda or Step Function Experience creating Splunk use cases SIEM and Splunk query language Cloud or Container Certifications like CKA AWS SA AZ-500 TF Associate Cyber Security Certification like CISSP CCSP CCSK Good understanding of software development methodologies such as Agile and running Scrum Strong analytical and problem-solving skills Excellent communication and collaboration skills Ability to work effectively in a fast-paced environment Skills and Experience Public Cloud Engineering and Architecture API Frameworks IAM RBAC ABAC and Secrets Management Threat Modeling Manual Automation Threat Modeling Framework STRIDE MITRE Azure AWS Public Cloud Python Go Lang Java NET Infrastructure as Code PowerShell Azure CLI DevSecOps Capabilities SAST DAST SCA CodeSign About Standard Chartered We re an international bank nimble enough to act big enough for impact For more than 170 years we ve worked to make a positive difference for our clients communities and each other We question the status quo love a challenge and enjoy finding new opportunities to grow and do better than before If you re looking for a career with purpose and you want to work for a bank making a difference we want to hear from you You can count on us to celebrate your unique talents and we can t wait to see the talents you can bring us Our purpose to drive commerce and prosperity through our unique diversity together with our brand promise to be here for good are achieved by how we each live our valued behaviours When you work with us you ll see how we value difference and advocate inclusion Together we Do the right thing and are assertive challenge one another and live with integrity while putting the client at the heart of what we do Never settle continuously striving to improve and innovate keeping things simple and learning from doing well and not so well Are better together we can be ourselves be inclusive see more good in others and work collectively to build for the long term What we offer In line with our Fair Pay Charter we offer a competitive salary and benefits to support your mental physical financial and social wellbeing Core bank funding for retirement savings medical and life insurance with flexible and voluntary benefits available in some locations Time-off including annual leave parental maternity 20 weeks sabbatical 12 months maximum and volunteering leave 3 days along with minimum global standards for annual and public holiday which is combined to 30 days minimum Flexible working options based around home and office locations with flexible working patterns Proactive wellbeing support through Unmind a market-leading digital wellbeing platform development courses for resilience and other human skills global Employee Assistance Programme sick leave mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth with opportunities to reskill and upskill and access to physical virtual and digital learning Being part of an inclusive and values driven organisation one that embraces and celebrates our unique diversity across our teams business functions and geographies - everyone feels respected and can realise their full potential 40303