EXPERIENCE
Essential skills and experience
- Have proven track record of risk assessing and assuring cloud based architectures for large and complex organisations
- In depth understanding of traditional security technologies and security specific protocols (e.g. TLS, Kerberos and SAML)
- Solid experience and understanding of AWS security tools and services, open source security controls, automated security testing tools
- Proven track record of scoping pen testing, ITHC and security incident management
- In depth understanding and experience of outcome based approach to risk identification, management and mitigation using techniques such as risk trees and attack tree methods
- Good understanding of identity management, identity lifecycle management
Nice-to-have skills and experience
- Experience of HMPO systems or similar government operational systems
- Experience of GDS best practices