Job description Posted 10 January 2022

Cloud Security Assurance Specialist

Fully Remote

Initial contract until July 2022

Pay rate up to £500 per day via Umbrella inside IR35

Job Description:


The primary purpose of this position is to drive cloud security compliance by ensuring policies are appropriately deployed, enforced and tracked.

Initially focused within Microsoft Azure, you will work with stakeholders across the organisation to remediate any identified risks.

• Review existing Azure security policy exemptions and determine as to whether those exemptions are still required.

• Remediate policy exemptions which aren’t correctly captured within the designated system.

• Provide policy compliance metrics to Cyber Risk & Assurance Leads.

• Ensure resources are tagged in-line with GSK’s tagging strategy.

• In conjunction with GRC, ensure risks are captured within appropriate system and any remediation plans are documented.

• Provide assurance on existing & new blueprints.

• Conduct foundational cloud security assessments, identifying, documenting and escalating any gaps.

• Review cloud security scores and advise resource owners as to how those scores can be increased.

• Provide cloud security consultancy for projects on an ad-hoc basis.

Skills Required:

• Experience with Azure Cloud Security policies

• Experienced in all cyber security domains

• Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products

• Prior experience in conducting cyber Security risk assessments

• Stakeholder/ internal business management experience

• Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority

• Work with virtual teams located in different countries around the world, aligning and adapting different work, culture and communication styles

• Exposure to any GRC technologies to conduct cyber risk management

• CCSP and AZ-500 is desired but not mandatory