Senior Security Consultant (Cloud Security)

Essential Duties & Responsibilities

• Develop the Cloud Security training content emphasising mainly Azure followed by AWS. 
• Develop standard operating procedures and conduct comprehensive training sessions for each technology, ensuring a thorough understanding and adherence to best practices.
• A candidate should be willing to deliver the Cloud Security training in various conference remotely or on-site.
  Conduct research and provide new ideas of the training content, as per the market or latest vulnerabilities or misconfigurations. 
• Creating comprehensive training materials, including presentations, labs, and documentation.
• Staying updated with the latest trends and developments in cloud security.
• Customising content to align with industry best practices and specific client needs.
• Continuously improving and expanding training resources.
• Perform cloud penetration testing to identify vulnerabilities or misconfiguration in the client environment. 
  Develop documentation, and a knowledge base to be used by penetration tester to conduct review, security assessments. 
• Develop and implement the security solution for the current cloud deployment NSS has. 
• Develop standard operating procedures and training for each technology.
• Architect and continuously improve security technology stack, process and procedures, support model and cross-function interactions utilising automation where possible.
• Develop and report Cloud security coverage metrics 
• Define procedures to validate the effectiveness of the design, deployment, and management of security controls that aim to maintain confidentiality, integrity, and availability of Cloud networks and technology platforms.
• Conduct research to stay up to date with the latest advancements in generative AI, machine learning, and deep learning techniques and identify opportunities to integrate them into our products and services.
• Conduct thorough reviews and assessments of the utilisation of Cloud security tooling, ensuring optimal performance and alignment with security objectives.

Position specifications

• A bachelor’s degree in Cybersecurity, International Security Architecture, or related field; or equivalent work experience in a converged security program.
• 4-7 years of hands-on experience, preferably with at least one major cloud provider such as GCP, Azure, or AWS.
• 2+ years of client-facing consulting work experience performing penetration testing.
• Experience with Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar) 
• A deep understanding of industry standards and best practices in Cloud security, including familiarity with CSA CCM, CIS, NIST benchmarks, and more.
• Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences 
• Basics to intermediate development and scripting skills in at least one programming language 
• Proven experience in cloud security, including hands-on implementation and management
• Exceptional communication and presentation skills.
• Strong organisational and time-management abilities.
• Passion for sharing knowledge and facilitating learning.
• Professional certifications in cloud security (e.g., AWS Certified Security - Speciality, Azure Security Engineer).
• Technical knowledge of Kubernetes and Docker technologies and associated security requirements (Kubernetes, Docker, etc.)
•  Should have at least one associate-level cloud certification, such as AWS Solutions Architect GCP Associate Cloud Engineer, as a testament to specialised knowledge and expertise.

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.

At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.

Working for Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean with). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.  

But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.

Claranet Cyber Security is a world class business unit within Claranet, giving customers access to market-leading information security services spanning, training, consulting, and managed security services. Formed through the combined forces of NotSoSecure (based in US, UK and India), the UK Security Business Unit (previously known as Sec-1), and units in Brazil, France and Portugal.

Our work takes us around the world where we speak and provided Hacking Training at top security events such as BlackHat, AppSec, OWASP, Ruxcon Breakpoint, Defcon, HITB, and BruCON. Our Penetration Testing work feeds into this; we apply our research and share our knowledge through our Hacking Training, white papers and tools. Check out our blog posts on the NotSoSecure website.

The team has a strong heritage of penetration testing, consultancy and security training for leading worldwide brands, built on the quality of its technical team and excellent customer service. In recent years the teams have also created a number of new managed security services, and has aspirations to grow significantly over a number of markets, including US, Brazil, France and Germany, through sales to existing and new medium and larger enterprise organisations.

Role Summary

Our consultants work on everything from client projects to development work and training, dealing with large corporate penetration tests to gaining credit for published advisories. Technical excellence and customer service are key to our work, you will be passionate about finding vulnerabilities while being happy liaising with customers.

Our team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.

Based in INDIA, this work will lead on Kubernetes Security testing, SDLC projects including on-site work, but will have the opportunity to work on projects with worldwide clients and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects.

As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences.