Senior Cloud Security Infrastructure Engineer

SITA

  • London
  • Permanent
  • Full-time
  • 23 days ago
Job Description:OverviewWELCOME TO SITAis the leading specialist in air transport communications and information technology. We donโ€™t just connect the global aviation industry, we apply decades of experience and expertise to address almost every core business, operational, baggage, and passenger process in air transport. As an organization, we cover 95% of all international air travel destinations and work with over 2,800 air transport and government customers in every corner of the globe. Immerse yourself in the dynamic world of technology while embracing our collaborative, and inclusive culture.Ready to redefine air travel? The journey starts here, with you at SITA.ABOUT THE ROLE & TEAM:As a Senior Cloud Security Infrastructure Engineer you will be accountable for supporting DevOps teams designing, developing, and operating SITA infrastructure. Reporting to the Project Portfolio Manager, you will be a part of our growing Security and Compliance Team, an Agile Team within SITA Infrastructure & Cloud Engineering (ICE).The world is changing. Are you ready to define with future of travel with us?WHAT YOU WILL DO:
  • Work with security and infrastructure architects in the secure design of SITA networks and infrastructure.
  • Work with scrum teams to support agile delivery of new infrastructure incorporating security and privacy by design.
  • Create / review Infrastructure as Code to meet SITA, regulatory and market security requirements and best practices to be deployed via CI/CD pipelines.
  • Support DevSecOps initiatives to shift left in the detection and remediation of security vulnerabilities and defects.
  • Work closely with the SITA Enterprise Information Security Office (EISO) to evolve security guidance and guardrails around infrastructure development and build following a risk based approach.
  • Develop new network and infrastructure security controls and tooling including threat detection, vulnerability management, encryption, identity & access management etc.
  • Assess emerging security technologies.
  • Provide improvement suggestions regarding the security, usability, performance, maintainability, and scalability of existing infrastructure.
  • Provide reports and presentations to key stakeholders including management, business partners, regulators and auditors.
  • Contribute to the security maturity of SITA through production of documentation, knowledge transfer and conducting training sessions.
  • Assist in responding to security issues and incidents as a Subject Matter Expert.
  • Facilitate discussions with Engineering and Development teams, while having ability to guide and persuade in reaching decisions to achieve optimal security and business outcomes.
QualificationsEXPERIENCE:
  • 5+ years in an IT engineering or architecture capacity with at least 2 years in a security related field.
  • 3+ years experience working in Public Cloud (Azure or AWS with preference on Azure) environments; experience with private / hybrid cloud an advantage.
  • Knowledge and experience with automation and deploying infrastructure as Code via CI/CD pipelines a must (Ansible, Terraform, Azure DevOps, GitHub).
  • Practical experience of virtualization (VMWare) and containerization (Docker, Kubernetes, Rancher etc.)
  • Advanced experience in coding/scripting via Python, Bash, Powershell/PowerCLI for generating test artefacts (users, certificates, signatures, etc)
  • Understanding of Linux and Windows administration and configuration (RedHat and Microsoft certifications an advantage) including hardening against CIS Benchmarks & CIS-CAT scanning.
  • Understanding of core networking technologies including routing, switching, wi-fi, load balancing, DNS, IPv6 etc. (Cisco or Juniper certifications an advantage)
  • Practical experience with network security technologies including firewalls, proxies, secure web gateways, Web Application Firewalls, DDoS protection (certifications in Palo Alto, Fortinet, Cisco, Juniper, Cloudflare security products an advantage)
  • Practical experience of deployment and use of vulnerability scanners (e.g. Nessus, Qualys) and vulnerability management including assessments and remediation.
  • Proven knowledge and experience of storage technologies, encryption at rest, encryption in transit, secrets and key management, PKI etc.
  • Practical experience in trust arrangements and technologies which include identity providers (Active Directory, Azure AD) modern authentication methods (OIDC, SAML), claims/identity mapping across trust domains, federation topologies, token encryption signing, and managed identities for cloud principals (experience with vendors such as Okta, Ping, ForgeRock an advantage).
  • Experience with Privileged Access Management / Privileged Identity Management an advantage.
  • Understanding of common security frameworks (ISO27001, NIST800-53, CIS, CSA CSM)
  • Experience of participating in security audits, tabletop exercises and red teaming an advantage.
  • Excellent communication skills and ability to present to all levels of technical / non-technical team members
  • Excellent team player with ability to communicate and work with cross functional teams
  • Certifications with CISSP, CISM, or CKS desired
  • Bachelors degree in Information Security or related field
WHAT WE OFFER:SITAโ€™s workplace is all about diversity, many different countries and cultures are represented in our workforce. We collaborate in our impressive offices, embracing a hybrid work format. As part of our global benefits, we offer:๐Ÿก Flex-week: Work from home up to 2 days/week (depending on your Team's needs).โŒš Flex-day: You may wish to flex your arrival time at the office, to beat the rush hours or you may want to leave the office earlier to pick up your kids from school or to go to your favorite game: We support you in being open about your needs and routine with you manager.๐ŸŒŽ Flex-location: Benefit for 26 working days from anywhere around the world each year!๐Ÿ™Œ๐Ÿฝ Competitive benefits according to the local marketSITA is an Equal Opportunity Employer and values a diverse workforce. In support of our Employment Equity Program, women, aboriginal people, members of visible minorities, and/or persons with disabilities are encouraged to apply and self-identify in the application process.

SITA