|Permanent||London, Paris, Valencia or Munich||here|
You will work with the Head of SecOps and Head of AppSec, and ultimately be responsible for ensuring and implementing security best practices across the Group’s cloud infrastructure (AWS and Azure). You will take a lead role in identifying potential risks to the group’s assets and creating preventative strategies to mitigate them.
- Collaborate with other Information Technology associates and functional business teams to build, deliver, and support, effective cloud security technology solutions aligned to global security strategy and compliance
- Provide recommendations to management, based on current and emerging technologies, on methods to increase security, reduce costs, improve performance and availability, and reduce administration time
- Define cloud-based technology reference architectures for guiding the development of security as code building blocks
- Architect, implement and manage cloud security solutions, agents, scanners and logging systems
- Work with teams based internationally, and operate in a security-as-a-service oriented environment
- Automate cloud security administration and operations tasks through creation and maintenance of scripts and tools
- Build and maintain cloud formation templates, and lambda scripts to automate and deploy security-related AWS resources; provide training, mentoring, and best practices to the security team
- Advise, oversee, and create proper IAM Roles and Policies to secure the cloud infrastructure
- Maintain documentation regarding cloud security technologies, configuration, and operating procedures
- Develop and maintain security as code scripts that automate security controls in the cloud environment
- Manage relationships in a manner acceptable to others and to the organisation; adhere consistently to all organisational policies.
- Strong Technical knowledge of secure engineering principles
- Good stakeholder management and influencing skills
- Relevant experience in 1000+ FTE Enterprise
- Calm under pressure
- Advanced AWS or Azure Security knowledge
- CI, CD, Bash, Kubernetes, AppDynamics
- Security architecture and Threat Modelling
In order to respond to the challenges in a scalable and collaborative way, we ask candidates to use a Jekyll based website. which will be setup for you.
- clone the repo https://github.com/project-cx/pbx-candidate-answers
- if you are happy for your answers to be publicly available, you can just fork it
- note that GitHub charges for private repos, but BitBucket doesn’t
- set-up dev/test environment (optional, but will help when writing content or modifying the template)
- if you are running locally, setup Jekyll to run the build (either on your host or using docker).
- if you are running from GitHub, in your repo settings, set the master brach to host the GitHub pages site
- add your answers as an entry to
_postsfolder (see examples)
- push your changes to your repo
- send us an email to email@example.com with a link to your repo
- we will reply with more details and a link to an Slack organisation
Note that depending on your CV and how you rate against other candidates, we will ask you do submit a couple more challenges
Important: Don’t wait until you have all the answers to ping us (step #5). Part of the evaluation is to see how your work evolve and how we collaborate together
Why else should you be interested?
Quite simply, you don’t like standing still. You are passionate about working on different and ambitious projects from Day 1 - otherwise you’d be bored! You thrive on working with people from different nationalities, different cultures and languages. You want to work within a successful and recognised company, but you also want the freedom to bring forward your own solutions and to make your own impact. You want to work somewhere where people really do know each other by name and where they genuinely want to help and challenge each other to learn, be better and more innovative every day. Most importantly, you want to work in a business where spreading joy is the mission and where we all have fun making it happen.
Photobox Group Security mission and principles
Our mission is to secure the magic moments created by our customers, across all our brands. Our operating principles define what we focus on and how we make decisions. We hold ourselves accountable against these principles.
- We are enablers for the organisation, not blockers
- We drive transparency and accountability in risk management
- We minimise vulnerabilities
- We hack ourselves first
- We educate and empower our internal stakeholders and developers
- We contribute to adding financial value
Why join Photobox Group Security?
PhotoBox Group Security is a trusted, high-energy, empowered, and proactive team. If you are looking for a place to make a difference, learn a lot, be part of a highly productive team, and are able to work collaboratively with all parts of the business, this is the place for you.
We have a great culture, with a very horizonal structure. We expect you to be knowledgeable, trustworthy, empowered, friendly, focused, and responsible.
How to apply
In order to provide a fair and objective recruitment process, before we invite you for face-to-face interviews, we ask you to submit your answers to theoretical and practical challenges. This helps us to identify your suitability and experience level.
Each challenge should take no longer than 10 - 15 minutes to complete, however, in order to highlight your key skills, you may take longer than the suggested time if you wish.
Please see below SOME OF THE CHALLENGES we might ask you to do (we customise these based on your experience and CV)