Overview

About the role: Join Our Team at Holland & Barrett! Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse teams, we want to hear from you!

Responsibilities

• Security Strategy: Help define and execute the cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports the business.
• Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining an edge network with a Web Application Firewall (WAF), DDoS protection, and a Content Delivery Network (CDN).
• Access Control: Establish an access control baseline with least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set.
• Security Controls: Design, implement, and maintain security controls to prevent, detect, and remediate insecure configurations, including defining and disseminating secure AWS/infrastructure baselines.
• Standards Development: Own the development and maintenance of tailored security standards and guidelines, creating reusable resources for various development teams.
• AWS Security Services: Establish and manage AWS security services, including certificate authorities, encryption services, insecure configuration scanners, and security control canaries.
• Experience and Qualifications: 5+ years of experience in cloud security (particularly AWS) and at least 2+ years in software development.
• Security Knowledge: Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
• Technology Experience: Experience with AWS, Kubernetes, Service Mesh, API gateways, and API security (authentication and authorization).
• Programming & Tools: Proficiency in Python, JavaScript, Go, Terraform, CloudFormation (AWS), and AWS CDK.
• Methodologies: Familiarity with Agile methodologies (SCRUM) and proven project management skills to manage multiple security projects.
• Desirable: Ability to work independently, take initiative, and maintain strong attention to detail to ensure high security standards.
• Communication: Strong communication and interpersonal skills to collaborate with technical and non-technical teams.

Benefits

• Pension company contribution = 3%
• Incentive scheme up to 10% of annual salary, based on company performance.
• 33 days holiday per year for wellbeing.
• Private Medical Care (Self after 1 year)
• Learning and Development opportunities for long-term career development.
• Career progression and Refer and Earn Scheme.
• Epic Extras with exclusive benefits, discounts, and savings.
• 25% employee discount on products from day one.
• Free 24/7 confidential advice and colleague welfare.
• Mental Health First Aiders and onsite gym at the Nuneaton Hub.
• Colleague reward and recognition schemes.
• And many more wellness-focused programs.

We are committed to a diverse and inclusive workplace and to EPIC values (Expertise, Pioneering, Inclusive, Caring). Holland & Barrett does not accept unsolicited resumes from search firms/recruiters.