Senior Cloud Security Engineer

About the role: Join Our Team at Holland & Barrett!

Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help us define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse teams, we want to hear from you!

• Security Strategy: Help define and execute the Holland & Barrett cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business.
• Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining an edge network with a Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN).
• Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set.
• Security Controls: Design, implement, and maintain security controls to prevent, detect, and remediate insecure configurations, including defining and disseminating secure AWS/infrastructure baselines.
• Standards Development: Own the development and maintenance of tailored security standards and guidelines, creating reusable resources for various development teams.
• AWS Security Services: Establish and manage AWS security services, including certificate authorities, encryption services, insecure configuration scanners, and security control canaries.