Summary of the work:

Specialist role – Cyber security consultant
Deliver alphas of security tooling. Securing build pipelines. Document security processes. This role is outside of IR-35. * We would like the person to start as soon as possible.
Latest start date Monday 26 June 2017
Expected contract length 18 weeks
Work is for Government Digital Service (GDS)

About the work:

Who the specialist will work with:

You will be working within a core team of security specialists including: security engineers, security architect, security operations, security analyst, security intelligence analyst, ethical hacker. The wider ‘matrix managed’ team that is made up of tech architects, developers, user support managers, product managers, delivery managers and the Enabling Delivery and Support team.
What the specialist will work on:

Alpha Deliverables – Build prototypes for the following secrets management problems: * Solution tailored to type of secret being stored. * SSH Key management & rotation – Develop tools for use in internal security testing – Build an AWS account management solution for specific teams consistent to GDS TechOps goals – Create Build Pipelines with push button deploy, authorisation and access control for specific teams. – Setup Egress Proxying for specific teams – Set up AWS base images Secure continuous integration and build infrastructure. Build robust security processes for these tools/services and create security awareness amongst technical teams.

Skills and experience

Essential skills and experience:
· At least 2 years significant experience of application security

· At least 2 years technical knowledge in security engineering, authentication and security protocols, cryptography

· At least 2 years knowledge of system security vulnerabilities and remediation techniques

· At least 2 years analytic skills to understand security implications of technical events

· At least 2 years experience of working within a software development team/writing code

· At least 2 years software engineering skills, including experience building, managing and deploying modern technical systems

· At least 2 years working knowledge of Linux

· At least 2 years experience working with cloud environments

Nice-to-have skills and experience:
· At least 2 years experience of managing security in an environment with frequent change

· At least 2 years well recognised security certifications or training

· At least 2 years experience with penetration testing, network security monitoring or incident response

· At least 2 years experience supervising technical specialists

· At least 2 years experience of configuration management processes and tools – e.g. Puppet or Chef

· At least 2 years experience of working with IaaS and PaaS cloud environments

· At least 2 years experience of working with PCI environments

Working arrangements

Onsite, co-located with the core team. There may be some need for travel to other government/third parties for reference visits - only when needed.

Security clearance

SC clearance

Sound like the job for you?

Got what it takes to work with us? Great! Send us a link to your resumé or portfolio to become part of our talent pool.

Drop your resumé here

Similar Openings

Social media campaign training 2575


View Posting
Microsoft Dynamics AX/365 Operations consultant 2434


View Posting
Borders Data Developer 2622


View Posting