Job Description:

Role:  Cloud Security Analyst  - AWS / Azure - Security Tooling

Job Description

An industry leading Security Analyst with experience in supporting and shaping Enterprise scale projects.

The role will sit within the UK and Ireland Infrastructure, Application and Data Security capability within the Security delivery organisation. It will require deep support and implementation knowledge of multiple security technologies and toolsets. It is essential to have extensive knowledge and experience of cloud native security technologies and ability to architect and implement solutions for enterprise scale clients.

The role is to provide customer facing Infrastructure Security Advisory and Engineering Services to required quality criteria to DXC Security clients and DXC Technology as a whole.

Main responsibilities

•    Management of existing cloud security native tools
•    Ownership of service requests related to cloud security tools
•    Operational management including Incidents, Support and Change Control
•    Continuous improvement along with wider team as part of Centre of Excellence
•    Responsible for providing technical support in the creation and delivery of technology solutions designed to meet customers’ business needs and for understanding customers’ businesses.  
•    As trusted advisor create and maintain effective customer relationships to ensure customer satisfaction.
•    Maintain knowledge of leading-edge technologies and industry/market domain knowledge.  
•    Frequently contributes to the development of new ideas/methods. 
•    Usually works on complex problems or projects where analysis of situations or data requires an in-depth evaluation of multiple factors. 
•    Regularly exercises significant independent judgment within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives. 
•    Provides expertise to functional project teams and may participate in cross functional initiatives. 
 

Experience required:

We are seeking candidates with a minimum of 3 years' experience with either AWS or Azure cloud infrastructure, a demonstrable experience in modern DevSecOps/CloudOps practices, experience with cloud infrastructure monitoring, experience of working within controlled regulatory frameworks, and an 'automate everything' mindset.

Technical Skills:

• Proficient in AWS and Azure security services, features, and management tools.
• Understanding of each platform's native security controls and best practices.
• Experience with security tools specific to AWS and Azure, such as AWS Security Hub, Microsoft Defender for Cloud, and third-party tools like Palo Alto Networks, Tenable, etc. Experience and knowledge of CNAPP solutions.
• Knowledge of automated security scanning tools, intrusion detection systems, and firewalls.
• Experience of DevSecOps tools and processes, AKS and EKS and container security.
• Familiarity with CI/CD pipelines and related tools (e.g., GitHub, Azure DevOps).
• Understanding of infrastructure as code (IaC) using tools like Terraform and Ansible.
• Proficient in scripting languages such as Python, PowerShell, or Bash to automate security tasks and responses.
• Ability to develop and maintain automation scripts that integrate security into the CI/CD process.
• Understanding of Networking and Encryption in Cloud environments
• Strong understanding of network configurations, security groups, and Virtual Private Cloud (VPC) setups.
• Knowledge of encryption protocols and key management practices specific to cloud environments.
• Experience of working with JIRA, and Devops.

Technical skills or Experience in some of the following:

• Experience in AWS and Azure including platform specific Security tools such as Defender for Cloud, AWS Guard duty, AWS CloudTrail, AWS Security Hub and AWS IAM.
• Scripting in PowerShell and AWS Cloud shell
• CNAPP
• Any experience of IaC or Container Security

Additional Information:

•    Professional Accreditations/Certifications are preferred
•    Background Checking is needed with full financial check 
•    Needs to be eligible for Security Clearance 

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.