Consultant - (CREQ135503)
Skill: Cloud Security Enginer
Role: T2, T1
- Work with the engineering lead and project architect to deliver a security solution
- Analyse security risk within each design as appropriate to the scope and ensure that all interested stakeholders are informed or consulted where necessary.
- Design security controls in compliance with group-wide security standards and configuration workbooks
- Where necessary support the project in articulating waivers related to security design decisions taken.
- Take the lead on security architecture decisions and issues where the problem scenario is not covered by a pattern or standard. Seek guidance from Security Specialists where appropriate
- Collaborate with alternative technical resources with the goal of supporting projects in the production of design documentation e.g. Technical Solution Designs (TSD's) or security documentation where necessary.
- Ensure that the drivers of Cost, Pace and Quality are maintained during production of or contribution to design artefacts.
- Provide security design engineering effort that leads to the creation of high quality solutions that comply with all relevant group-wide policies and Security Standards.
- Provide security support for assigned projects at review committees, boards or forums in order to facilitate the project through governance.
- Provide support for projects as they move into the delivery stage at a level suitable to ensure that the solution is implemented as per the design. Ensure the solution is taken back through governance where the design has changed during the implementation cycle.
- Security Control Frameworks e.g. ISO27001 and practical experience in their implementation
- Security Architecture principles, generic best practices
- Network security devices
- Endpoint defence solutions
- Exposure to malware infection vectors and defence methods
- Endpoint and Server hardening principles, best practices
- Web application firewalls, network load balancers, proxy systems
- Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM
- Cryptographic knowledge including encryption, key exchange, certificate handling and protocols (x509, PKCS12 etc)
- Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems.
Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 30,000+ people globally that cares about your growth -- one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us.
Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence.
Virtusa was founded on principles of equal opportunity for all, and so does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.