R&D Senior Member of Technical Staff, Cloud Security @ Aveva

As part of the Research and Development function, the global Cloud DevOps team combines software development and cloud operations to provide continuous integration and delivery of cloud-enabled products and solutions. Responsible for deployment and continuous monitoring to ensure various cloud-specific customer requirements/SLAs are met.

As a Principal Cloud Operations Developer, you will utilise your experience to continually improve the security posture of AVEVAs Cloud solutions, as well as lead and implement improvements to the deployment process and our monitoring and reporting capabilities. You will also support and guide development teams and create best-practice templates and processes. Working closely with your development and portfolio colleagues, together you will bring new solutions to the cloud following a standard framework to ensure they are operationally secure, stable and scalable.

The global, 24x7 nature of the team means there may be a requirement for occasional work outside of the standard day and to be on call as part of a shared team rota.

Key responsibilities

Provide timely and effective response to incidents, particularly security incidents, to minimize the impact on our customers and keep colleagues updated as required.

Work with development teams to advise and contribute to security improvements, cloud architecture, operational stability, cost management and reporting requirements for our cloud solutions.

Independently learn, gain expertise and then lead implementations of new capabilities and tools supporting security and infrastructure governance and monitoring.

Continually develop and improve DevOps processes, adding value through optimization, automation and effective reporting.

Proactively manage cloud environment security to minimize service impacting issues.

Ensure new services meet required security and operational readiness standards before being accepted into operations.

Ensure on-going compliance to security practices and policies.

Provide subject matter expertise to business stakeholders as required.

Stay current on security industry trends, tools and best practices.

Qualifications

The following list applies to Azure and/or AWS Platforms.

Hands-on in cloud infrastructure as code development, with the ability to lead architecture and technology evaluations and decisions.

Willingness to learn cloud security principles, practices and tools.

Strong enterprise software development experience preferably with e.g. C# .NET.

Expertise in PowerShell, Bash and/or Node JS scripting.

Knowledge of API development, REST, microservices and serverless architectures.

Knowledge and experience of operational support, software development and deployment methodologies and principles.

Strong written, verbal and presentation skills, able to convey information clearly and concisely to technical and non-technical audiences.

Attention to detail, diligent and tenacious.

Excellent analysis and dissemination skills.

High degree of personal motivation and ability to self-manage.

Maintains and develops relevant industry and technology knowledge.

Preferred Qualifications

Web application development.

Experience/expertise in authentication and authorisation protocols such as OpenID Connect.

Experience/expertise in DNS, TLS and network architectures.

Experience in web application security principles and practices, or penetration testing.

Certifications in Azure and/or AWS.

Hands-on experience working within an Information Security accredited framework e.g. ISO27001, 27017/18.

Experience working in Agile software development such as Scaled Agile Framework (SAFe).