AWS Cloud Security Engineer – Secure Transfer of Digital Records (CSC)

Closing date for applications: 20/12/2019
Specialist role
Cyber security consultant
Summary of the work
Provide expert advice and guidance on information assurance, security standards, services, policies and tools Review service design, identify and assess risks Design, evaluate and recommend appropriate, cost-effective security controls and processes Work with the team to implement recommendations to secure the service in line with business, user and compliance requirements.
Latest start date
Expected contract length
Initial up to 8 weeks to 31/03/20; additional up to 8 weeks depending on needs, performance & budget
Organisation the work is for
The National Archives
Maximum day rate
Early market engagement
The specialist will work with the ‘Transfer Digital Records’ product team at The National Archives. The team are building a service which enables the secure transfer of digital records to The National Archives. The service offers tools for content upload, validation and transfer of ownership to the Archive. We have completed in-house discovery and Alpha prototyping phases to determine the scope of the proposed service; identify user, business and compliance requirements for access and security; and deliver a small-scale demonstration prototype and proof of concept for the service. We now require a specialist to review the security and assurance aspects of our proposed design, identify threats and gaps and develop a strategy for delivering and operating a securing the service as we move into a Beta delivery phase.
Who the specialist will work with
The specialist will work with the ‘Transfer Digital Records’ product team at The National Archives: Team roles include: Product manager, Delivery manager, Technical architect, Data analyst, Developers (front and back end), User experience researcher. There will be scope to engage with the Service Owner, Departmental Security Officer and IT Security Officer. The specialist will need to engage with stakeholders across the organisation to present work, demonstrate designs and seek feedback as the work progresses.
What the specialist will work on
Requirements: Review and understand user, business and compliance requirements for service security Risk discovery & analysis: Review relevant design decisions and assessment documentation from the Alpha phase; identify potential threats, weaknesses and gaps in our proposed approach Risk treatment: Develop a pragmatic, appropriate and cost-effective strategy for securing the service Assurance: Contribute to technical assessment and assurance processes Implementation and testing: Work with the team implementing the approved design to ensure that the Beta product release meets our security requirements. Documentation: Deliver appropriate documentation of requirements, design recommendations and risk assessments to support technical review and on-going service development.
Address where the work will take place
The team is based at The National Archives, Kew, Richmond, Surrey TW9 4DU. You will be expected to work on-site. Some remote working may be possible by agreement.
Working arrangements
Co-located with the team in a highly collaborative environment to enable you to understand requirements, understand previous work, demonstrate your work and test and refine your proposed strategy with the team throughout the project. Normal office hours are 9am to 5pm, some flexibility is available. We expect to interview on 13 January 2019.
Security clearance
An SC cleared specialist is required.
Additional terms and conditions
How many specialists to evaluate
Cultural fit criteria
Be willing to work on site at The National Archives, in close collaboration with the product team. Work closely with our organisation and other suppliers. Have excellent problem solving skills and display initiative in proposing and testing different approaches to find a solution. Communicate openly, demonstrate progress and discuss findings regularly. Be transparent and collaborative. Be comfortable standing up for their discipline. Have a no-blame culture and take responsibility for their work. Be able to work and make progress independently to deliver work to a deadline.
Assessment methods
Evaluation weighting
Technical competence 65% Cultural fit 15% Price 20%
Essential skills and experience
  • Hold relevant, current certification (please specify) with expertise and significant practical experience of developing security strategies in an AWS cloud environment
  • Have a proven track record of risk assessing and assuring cloud based architectures for secure, content-driven services
  • Have an in depth understanding of relevant security standards, protocols and architectural approaches
  • Have detailed knowledge and understanding of AWS security tools and services, open source security controls and automated security testing tools
  • Have expertise in developing an outcome based approach to risk identification, management and mitigation using techniques such as risk trees and attack tree methods
  • Have a good understanding of identity management and identity lifecycle management with strong experience of relevant security models and technical frameworks for access management
  • Be able to deliver at pace within a fixed timeline and budget
Nice-to-have skills and experience
  • Have experience of working within GDS standards and best practice
  • Have knowledge and experience of designing cloud services for uploading and processing large collections of digital content

Closing date for applications: 20/12/2019

AWS Cloud Security Engineer – Secure Transfer of Digital Records (CSC)

Closing date for applications: 20/12/2019

Specialist role:

Cyber security consultant




The National Archives

Maximum day rate:


IT Recruitment Marketplace
The Hive Enterprise Centre, Victoria Avenue
Southend-on-Sea, Essex SS2 6EX
© IT Recruitment Marketplace
To change your subscription email us here