Security Engineer Cloud

About the team

Group Information Security handle all aspects of IT Security for the Group. Within the group the Security Engineering team are responsible for the secure design and build elements of solutions and services that protect our customers, our data and our brand. 

About Us

The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market.

Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia.

Alongside passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment.  Being dedicated to Diversity, Equity and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work.  This is supported by our Diversity, Community and Environment Employee Engagement Networks and our commitment to the Women in Finance Charter and Women in Leadership Programme. 

What you will be doing

In this role, you will be working as part of the established Cloud Centre of Excellence as a subject matter expert that is responsible for the design and implementation of the cloud security services as part of the modernisation strategy.

The role requires cloud experience and knowledge of security design principles and practices for foundational cloud services across cloud compute, storage, networking, RBAC as well as experience of integration with existing Group Security services and processes such as monitoring, alerting and incident response.

The person will work closely with multiple teams within OSB Group through an agile delivery model and represent Group Information Security (GIS) at programme design and delivery meetings to promote and enforce the security requirements and guardrails for the cloud platform.

Your responsibilities will include…

• Assisting with scoping, designing and building of secure Azure cloud services to support the Modernisation programme and deliver a scalable and flexible cloud security capability
• Working with the Design & Delivery Lead to help define and deliver the high-level and low-level security objectives and designs for a project or programme, aligning to business and functional requirements
• Driving discussions and design decisions to deliver scalable and manageable cloud solutions aligned to security, performance, operational and cost constraints
• Working closely with application development teams to deliver secure code and integration with various SAST, SCA and DAST tools for the CI/CD pipeline
• Delivering security work stream activities and tasks against the migration strategy and integration points for central security services to manage/monitor the cloud infrastructure
• Working with teams to implement secure systems and solutions through the application of regulations, policies, standards and procedures to meet user needs while managing business and security risks
• Understanding industry standard controls to deliver compliant solutions through appropriate adoption, configuration and management of key controls
• Developing, testing, and delivering Security Policy as code for a variety of Public Cloud compute services and Container platforms leveraging native services

In return for your commitment

We offer a base salary dependent on experience of up to £95,000 and a competitive benefits package including:

• Discretionary annual bonus opportunity of up to 25%
• 30 days annual leave plus bank holidays
• Contributory pension (8% employer 5% employee)
• Life Assurance (4x salary) plus Group Income Protection
• Access to Private Medical Insurance and Medical Cash Plan
• Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase / sell schemes, Employee Perk Portals, Payroll giving and Save as you Earn scheme

Could you be the one?

We are looking for talented individuals who have the experience and knowledge set out below:

• Proven experience in:
  • Cloud Infrastructure Engineering/Platform Engineer/Security Engineer role, migrating and integrating cloud foundation services
  • Integrating security into CI/CD pipelines for the underlying cloud infrastructure platform and/or the landing zone services with Security tools
  • Implementing secure core foundational services in a cloud infrastructure for Active Directory, SecDevOps, Networking Services, at an enterprise level
  • Setting up and managing container security in platforms
• Certifications in:
  • Microsoft Azure Security Engineer Associate certification or AWS equivalent

We also believe that your career and how you progress is as unique as your individual personality. We continually support our people so they can become the best version of themselves.

What to do next

If this sounds like you, please apply now! For internal applications please visit the internal careers page to apply.

Alternatively, if you wish to have an informal and confidential chat please get in touch. Contact details can be found on our careers page.

If shortlisted from your initial application we operate a personalised recruitment process. Interviews are a two way street, we aim for them to be relevant and conversational to get the best out of you!

OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally.  We embrace equal opportunities and are opposed to discrimination on any grounds.

As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop and advance senior women in our sector. We don’t stop there though, we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Our leadership and Executive Committee are right behind us, to the extent that our Diversity Champions sit at Board level and on a monthly basis receive updates on our progress. 

Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5.  Flexible-working opportunities are important for establishing a healthy work-life balance so if you see a role of interest we are happy to be asked about flexibility and explore together if we can make it work.

All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.