Back to Job Search
Cloud Security Assurance Consultant
Technical Consultancy, East Midlands
Apply now
Apply now
Cloud Security Assurance Consultant
Technical Consultancy, East Midlands
Apply now

The team you'll be working with:

This position is Birmingham based but offers Hybrid flexible working options.

Please note, you will need to be eligible for SC clearance

NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.

Using your advanced expertise in cloud security architecture, assurance methodologies, and multi-cloud environments, you will lead cloud security assessments, validate cloud control implementations, and provide authoritative guidance on cloud security posture while supporting enterprise cloud transformation and modernization initiatives across AWS, Azure, and GCP platforms.

What you'll be doing:

KEY RESPONSIBILITIES

Cloud Security Architecture Assurance

  • Lead comprehensive security architecture reviews for cloud-native and hybrid cloud solutions
  • Validate cloud security designs against industry frameworks including NIST CSF, CIS Benchmarks, and CSA CCM
  • Assess cloud architecture patterns for IaaS, PaaS, SaaS, and containerized workloads
  • Provide authoritative guidance on secure multi-cloud and hybrid cloud architectures
  • Evaluate cloud migration security strategies and transformation roadmaps
  • Interface with cloud architects and enterprise architecture teams on security requirements

Cloud Security Assessment and Testing

  • Design and execute cloud security assessments across AWS, Azure, and GCP environments
  • Conduct cloud configuration reviews and security posture assessments
  • Lead cloud penetration testing engagements following CREST and CHECK methodologies
  • Perform container and Kubernetes security assessments
  • Assess serverless and microservices security implementations
  • Validate Infrastructure as Code (IaC) security controls and deployment pipelines

Cloud Compliance and Governance

  • Lead cloud compliance assessments against ISO 27017, ISO 27018, and SOC 2 requirements
  • Conduct cloud security audits for regulatory frameworks including GDPR, NIS2, and DORA
  • Assess cloud service provider security controls and shared responsibility models
  • Validate cloud governance frameworks and policy enforcement mechanisms
  • Review cloud security posture management (CSPM) implementations
  • Coordinate cloud security audits with internal and external audit teams

Cloud Identity and Access Management Assurance

  • Assess cloud IAM architectures including Azure AD, AWS IAM, and GCP IAM
  • Validate privileged access management and just-in-time access controls
  • Review federated identity, SSO, and multi-factor authentication implementations
  • Assess service account security and workload identity configurations
  • Evaluate cloud entitlement management and least privilege implementations
  • Validate identity governance and administration controls

Cloud Data Protection and Encryption Assurance

  • Assess cloud data protection strategies including encryption at rest and in transit
  • Validate cloud key management service implementations and BYOK configurations
  • Review data residency, sovereignty, and cross-border data transfer controls
  • Assess cloud backup, disaster recovery, and business continuity arrangements
  • Validate data classification and cloud DLP implementations
  • Review cloud database security and secrets management solutions

DevSecOps and Cloud Pipeline Security

  • Assess security integration in cloud CI/CD pipelines and DevOps workflows
  • Validate shift-left security practices and automated security testing
  • Review Infrastructure as Code security scanning and policy as code implementations
  • Assess container image security and registry vulnerability management
  • Evaluate cloud workload protection platforms and runtime security controls
  • Validate secure software supply chain practices for cloud deployments

What experience you'll bring:

REQUIRED SKILLS & COMPETENCIES

Advanced Cloud Security Expertise

  • Mastery of cloud security across AWS, Azure, and GCP platforms
  • Expert knowledge of cloud security frameworks (CSA CCM, NIST SP 800-53, CIS Benchmarks)
  • Advanced experience in cloud security architecture review and validation
  • Deep understanding of cloud-native security services and CSPM tools
  • Comprehensive knowledge of container security, Kubernetes, and serverless security

Cloud Platform Technical Skills

  • AWS Security: Security Hub, GuardDuty, IAM Access Analyzer, KMS, CloudTrail, Config
  • Azure Security: Defender for Cloud, Sentinel, Azure Policy, Key Vault, Monitor
  • GCP Security: Security Command Center, Cloud Armor, IAM, Cloud KMS, Logging
  • Multi-cloud tools: Prisma Cloud, Wiz, Orca Security, CloudHealth, Dome9
  • IaC security: Terraform, CloudFormation, ARM templates, policy as code frameworks

Assessment and Testing Methodologies

  • Cloud security assessment frameworks and methodologies
  • Cloud penetration testing tools and techniques (Pacu, ScoutSuite, Prowler, CloudMapper)
  • Threat modeling for cloud architectures (STRIDE, PASTA)
  • Security control validation and effectiveness testing
  • Vulnerability assessment and remediation prioritization

Professional Skills

  • Senior-level communication and presentation capabilities to technical and business stakeholders
  • Advanced facilitation skills for cloud security architecture reviews
  • Strategic thinking and cloud security roadmap development
  • Cross-functional collaboration with DevOps, Platform Engineering, and Cloud CoE teams
  • Client consulting and advisory skills for cloud transformation programs

Certifications Required

  • CISSP (Certified Information Systems Security Professional) or CCSP (Certified Cloud Security Professional) - Mandatory
  • Cloud platform security certification: AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer - Required
  • CREST CRT or CCT (Cloud/Infrastructure) or equivalent penetration testing certification - Required
  • Kubernetes security certification (CKS, CKAD) - Preferred
  • Eligible: UK SC security clearance

 

MINIMUM QUALIFICATIONS

Education

  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related field
  • Master's degree in relevant discipline preferred
  • Advanced professional certifications in cloud security and assurance

Experience

  • 6+ years of progressive experience in information security with focus on cloud security
  • 3+ years conducting cloud security assessments and architecture reviews
  • Proven track record delivering cloud security assurance engagements for enterprise clients
  • Experience across multiple cloud platforms (AWS, Azure, GCP) in production environments
  • Hands-on experience with cloud security tools, CSPM, and cloud penetration testing

Strategic Responsibilities:

  • Cloud security assessment program delivery and quality assurance
  • Cloud security methodology development and continuous improvement
  • Client advisory on cloud security transformation initiatives

 

CERTIFICATION AND PROFESSIONAL DEVELOPMENT

Advanced Professional Requirements

  • CISSP or CCSP demonstrating strategic cloud security leadership
  • AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer for platform expertise
  • CREST CRT/CCT for recognized penetration testing authority
  • Continuous professional development in emerging cloud security technologies

 

WORK ENVIRONMENT

  • Dynamic cloud security consulting environment with diverse client engagements
  • Regular interaction with cloud architects, DevOps teams, and IT leadership
  • Fast-paced cloud transformation projects requiring continuous learning
  • Multi-cloud environment with exposure to cutting-edge cloud technologies
  • Remote-first culture with occasional client site visits and team collaboration

 

 

Who we are:

We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

what we'll offer you:

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.

You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.

Back to search Email to a friend Apply now

Location
Leicester City Centre

“Upon joining the NTT DATA UK family, you will experience a culturally diverse organisation living our values of Clients First, Teamwork and Foresight as we partner with our customers every day.

At NTT DATA UK, we are proud to support and invest in our people. We offer a variety of rewarding career paths and opportunities to develop professionally - with access to cutting edge innovation.”

Niccolo Spataro, CEO, NTT DATA UK

NTT DATA
#loveyourwork
Apply
Jobs at NTT DATA

Browse all