Senior Security Consultant (B2B Contract)

An American leader in cloud computing are have a new role available. You would be required to build out their continuous security compliance framework. The end client is a German biotechnology company that develops and manufactures active immunotherapies for patient-specific approaches to the treatment of diseases.



They are looking for:



1 x Security Engineer



This role offers the following:

- B2b contract

- Fully remote working

- Part time work (18 hours per week)



Responsibilities:

• Develop existing implementation of Lacework CSPM tool to monitor and analyze the security posture of BNT cloud infrastructure.
• Perform continuous monitoring of cloud resources, configurations, and security policies to identify and address security risks.
• Collaborate with cross-functional teams to establish and enforce security policies, standards, and best practices.
• Develop and maintain runbooks (SOPs) with workflows for security assessment, incident response, and remediation.
• Conduct security assessments and audits of cloud services, architectures, and applications to identify vulnerabilities and recommend improvements.
• Investigate and respond to security incidents, working closely with incident response teams to minimize impact and prevent future occurrences.
• Integrate policy requirements into pipelines as preventive controls

Skilset:

• Experience implementing Lacework control policy as code
• Solid understanding of cloud security concepts, best practices, and industry standard compliance frameworks (ISO + NIST + CIS)
• Understanding of GxP framework
• Confluence Documentation
• Relevant certifications eg: Certified Cloud Security Professional (CCSP) or Certified Information Systems Security Professional (CISSP)