This role is based in India and as such all normal working days must be carried out in India.
Join us as a Security Specialist
- We’re looking for someone to actively support a domain and our wider organisation as a subject matter expert in a security-related field
- Day-to-day, you’ll be making sure that the security implications of the backlog are understood in the right way to build security early into the design
- This is your chance to bring a competitive edge to your career profile by solving new problems and creating smarter solutions and enjoying professional development opportunities
- We're offering this role at associate vice president level
In this role, you’ll make sure that decisions are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management. You’ll also encourage the identification of ideas and drive the delivery of initiatives that will reduce cost and simplify our Group.
Additionally, you’ll work at a domain level to understand and make sure that robust security is continuously considered and incorporated at every stage, programme increment and Feature team delivery throughout the development lifecycle and through to support.
You’ll also be responsible for:
- Using your SME knowledge to support the wider organisation in building and operating secure services that protect both our colleagues and customers
- Collaborating with Feature teams and participating in store refinement, sprint planning and retrospective sessions
- Establishing a culture of innovation and strategic thinking that provides our Group with knowledge of the latest developments in your area of specialism
- Making sure any developments in your area of specialism are assessed and the impact on our wider organisation is appropriately communicated
- Building relationships with colleagues across our group and third-parties to make sure decisions are commercially-focused and create long-term value for our organisation
To be successful in this role, you’ll have experience of, or a willingness to learn, risk management frameworks. You’ll also have experience of setting risk appetites and a background in defining risk policy controls. Knowledge of one, or more, security subject areas would also be advantageous.
You’ll also need:
hands-on expertise in HashiCorp Vault, CyberArk Conjur, Akeyless, OpenBao, or similar platforms. Proven ability to deploy, secure, operate, recover, and support large-scale production secrets management services. Strong incident response and troubleshooting expertise, including outage management, root cause analysis, disaster recovery, security incident remediation, and ensuring high availability of critical enterprise platforms
- Strong experience with cloud-native secrets management capabilities across AWS and GCP, including integration with applications, Kubernetes platforms, identity services, networking controls, and automation pipelines
- Experience in implementing security controls using Infrastructure-as-Code practices and tooling such as Terraform
- Good understanding of Identity and Access Management (IAM), DevSecOps, Kubernetes, application security, databases, and cloud-native architectures
- Knowledge of machine identities, certificate management, workload authentication, and Zero Trust security principles would be advantageous