This key role underpins our IT Security within the cloud platform and ensures that we are compliant and secure. You will be the expert and advocate for all aspects of security for our applications from development to production release. This role reports to the Head of DevOps and works closely with the Cloud Team.
- Design and maintain secure cloud infrastructure and delivery systems.
- Ensure our Cloud estate is configured securely according to industry standards, as well as our own.
- Provide security in DevSecOps, up-to-date knowledge of threat modelling, risk assessment techniques, code reviews, current best practices and the latest cybersecurity threats.
- Ensure systems and software are compliant through patch management and report / resolve any risks that need mitigating.
- Choose and deploy the appropriate automated application security testing tools. Ensure users are aware of how to make the most of application security features.
- Involvement in and appreciation of every stage in the software project lifecycle, from initial design and build to roll-out and maintenance.
- Ensure that the Company’s Quality standard (9001) and other compliance standards including Information Security (27001) and GDPR are continually maintained and adhered to.
You will be excited by the challenge of enhancing our security to drive change and improvement. As an expert in your field, you will be passionate about your solutions and implementations. With your blend of business and technical skills you will drive the right decisions on security to meet the needs of the business.
- AWS infrastructure designs using best practices for Dev / Staging / Production.
- Ability to code in Python / Bash.
- Very strong knowledge of AWS (RDS, Lambdas, VPC, WAF).
- Knowledge of any CyberSecurity Frameworks such as CIS, ISO27001, NIST.
- Experience with Terraform, Github.
- Good experience with Patching Tools such as Satellite / Systems Manager.
- Self-directed with the ability to drive projects to successful outcomes in a fast-paced growing business.
- A proven ability to use and deploy security tooling for penetration testing and code scanning.
- Able to drive change through influence and collaboration across a matrix organisation in a highly fluid environment.
- Demonstrate initiative and an ability to prioritise multiple demands.
- The ability to work effectively under pressure with critical task times.
- AWS multi-account experience.
- Knowledge of NoSQL Databases (like MongoDB).
- AWS Certified Security Certification.
- Commercial Experience with Containers / Docker.
- CI/CD Hands on experience of creating build and deployment Pipelines with tools like Jenkins / Cloudformation.
- Proven experience in writing WAF rules.
Checkit optimizes the performance of people, processes and physical assets with connected digital solutions.
Our workflow, monitoring and analytics services enable safe and productive work, efficient operations and data-driven insight to continually improve performance in large, complex organisations.
For over a decade, Checkit has been working with leaders, operational heads and frontline workers in retail, healthcare, life sciences, facilities management, catering, education, manufacturing, hospitality and commercial property.
Today Checkit has 58,000 registered users in organisations including the NHS, BP, Waitrose / John Lewis Partnership, Sodexo and Center Parcs. Our technologies generate approximately 6.5bn data points per year from thousands of sensors and digital checks.
Checkit is headquartered in Cambridge, UK, with its operations centre in Fleet, UK. The company has over 170 employees.
To attract exceptional people we offer an excellent package. As well as a competitive salary you can look forward to a contributory pension scheme, life cover, medical insurance and a chance to join a share option scheme.
Continuous professional development is key for all employees at Checkit and we actively encourage our management teams to lead by example. Our Company is professional, evolving, challenging and, above all, a rewarding place to develop your career. If you feel you have the relevant skills, experience and gravitas for such a pivotal role, then we would love to hear from you.
Please submit your CV, highlighting your experience, to: firstname.lastname@example.org