- Location(s): UK Wide
- Salary: Competitive
- Contract Type: Permanent
- Ref: R00TR00322
- Closing Date: 14 May 2021
- We're happy to consider flexible working approaches for this role
Nationwide is undergoing a digital transformation journey; our cloud adoption is presenting opportunities for improving our overall security posture by baking security into the pipeline at the earliest point. For us, it’s not just about having the right security background, you need to be pragmatic, be able to work collaboratively and be driven to learn and succeed.
At Nationwide we openly put our 15 million members at the centre of every decision we make as a business. Every role, no matter what it’s doing, is member focused.
What you’ll be doing
In this role you will work as part of the Cloud Security Operations (SecOps) team, which provides design, build and production support for the shared security services we offer on our public cloud platforms (currently AWS and Azure, currently). You will be the ‘first point of contact’ to the SecOps team, working with other teams to ensure that security is built into their design and delivery from outset, that their designs meet with our security controls, helping them consume our shared security services and that they remain within the risk appetite throughout the life of the design.
This role would suit someone who has been in an engineering or consultancy role, with hands on experience on AWS and/or Azure but wants to employ their communication skills to a consultancy role. Key activities will be:
- Help our customers to adopt existing security tooling and practices to ensure their compliance against security controls
- Be a point of contact throughout development to maintain alignment to those security controls.
- Be an advocate of cloud best practice for security and help others who are not familiar with cloud/agile ways of working to embrace those practices.
- Work with the SecOps engineering teams to onboard our consumers to the existing security tooling or to identify any changes that may be required.
- Support the identification of risks in consumer delivery, the reporting and governance of those risks, and work with consumers to identity the remediation that they need to make to return to risk appetite.
In addition, you will:
- Contribute to the creation and ongoing maintenance of security engineering principles, patterns and standards to reflect best practice and effective use within the organisation
- Build a network including external relationships with other engineers/SMEs to understand best practice and emerging trends within engineering
- Act as an engineering advocate across Nationwide, identifying good practices to adopt and sharing experiences, e.g.: through blog posts, tech talks at technical forums, knowledge share, etc.
- Develop capability of security engineering team by supporting recruitment and pipeline talent development, through coaching and mentoring.
As a minimum you’ll:
- Have in depth understanding of securing cloud technologies (AWS, Azure, GCP)
- Robust understanding of containerisation technology (Docker, Kubernetes)
- Good understanding of DevOps tools (GitHub, Jenkins, Nexus, Ansible, etc.)
- Have a very strong knowledge of privileged access management, role based access, and IAM and the use of Azure Active Directory as identity provider.
- Have experience of vulnerability management, and the identification, reporting and governance of vulnerabilities. Be familiar with Prisma Cloud (Twistlock).
- Have experience of key and secrets management in a resilient shared service that is built upon Hashicorp Vault.
- Have experience of security incident and event management (SIEM) using Splunk.
- Have experience of Cloud Access Security Brokers, such as McAfee MVISION.
- Be an advocate for change and incident management.
- Be ready to share your expertise with our emerging talent
- Build good working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism
- Have excellent communication and interpersonal skills
- Have the ability and desire to quickly learn new technologies.
- Help us to identify new technologies that we should adopt.
Experience and knowledge of the following areas would be beneficial:
- Cloud Security qualification such as CCSP or CCSK
- Agile delivery methodologies, and the use of Confluence and Jira.
- Scheme and regulatory environments such as PCI DSS and GDPR
- Hands-on experience with the design, deployment, configuration of cloud technologies
We’re also interested in who you are as a person. Why? Because our membership is made up of so many different kinds of people, so we want our employees to be just as diverse. We’d love to hear about:
- Your values, and what makes you who you are
- How you’d make a difference to our members in this role
We know applying for jobs can sometimes feel like you’re sending an application into a black hole. We review each application individually. So, it’s a good idea to call out your most relevant experience on your application to give yourself the best chance.
The extras you’ll get
Our people’s success isn’t based on how long they spend at their desk. While you’ll have contracted hours, we want to offer a flexible environment where possible. That might be working from home, logging on from other offices across the UK, or working part time or compressed hours.
There are all sorts of employee benefits available at Nationwide, including:
- A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
- Up to 2 days of paid volunteering a year
- Life assurance worth 8x your salary
- A great selection of additional benefits through our salary sacrifice scheme
- Access to an annual performance related bonus
- Access to training to help you develop and progress your career
- 25 days holiday
Why work at Nationwide
We’re a building society founded by ordinary people, our members, who came together to help each other get the most from their money, buy homes and save for their futures. For over 130 years, we’ve supported each other and our communities, and we’ve done the right thing for wider society too.
If you come to work here at Nationwide, you’ll be part of that. Part of something a bit different. And something really quite special.
What’s more, we have a strong ethic of care for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We’re committed to creating a culture that recognises and truly values our individual differences and identities. So if you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute, then please apply and help us in building society, nationwide.
What to do next
If this role is for you, please click the ‘Apply Now’ button. You’ll need to attach your up to date CV and answer a few quick questions for us.
We respond to everyone, so we will be in contact shortly after the closing date to let you know the outcome of your application.