Overview:
We’re Kingfisher. You might know us as B&Q, Screwfix, Castorama, Brico Depot or Koçtaş. We’re made up of over 78,000 passionate people, call over 1,300 stores home and operate in 8 countries. That’s right, we’re big, but we have ambitions to become even bigger and even better. We want to become the leading home improvement company and grow the largest community of home improvers in the world. And that’s where you come in.
At Kingfisher our customers come from all walks of life, and so do we. We want to ensure that all colleagues, future colleagues, and applicants to Kingfisher are treated equally regardless of age, gender, marital or civil partnership status, colour, ethnic or national origin, culture, religious belief, philosophical belief, political opinion, disability, gender identity, gender expression or sexual orientation.
If you require any additional support or reasonable adjustments to help you make an application, please contact us at
[email protected]
We advocate the benefits of a flexible and hybrid working environment, recognising that this means different things, to different people, in different roles. Want to apply as a job share or propose a way of working that isn’t the traditional 9am – 5.30pm, Monday through to Friday? We’re all ears!
What's the job?:
We’re looking for a Cloud Security Lead to join our Information Security & Risk function, taking a hands-on, leading role in driving the development, deployment and maturity of the Kingfisher Cloud Security operations, tools and services (in cloud environments such as GCP, AWS and Azure). This role matrix manages the daily activities of a highly technical team of security engineers and analysts, focused on all aspects of the Cloud Security programme.
In addition, you will:
-
In support of the Network team, manage the perimeter with protection tools that include DDoS, IPS and WAF
-
Evaluate competing security solutions for effectiveness, building businesses case to gain executive leadership approval
-
Collaborate with other teams to fix security misconfigurations/vulnerabilities
-
Lead the growth, development and support of cloud security resources
-
Lead security incident response activities both, on-premise and in the Cloud, ensuring procedures are followed and investigations are closed out satisfactorily
-
Be part of the Security Incident Response Team (SIRT), providing expertise and making decisions on the appropriate response to a security breach
-
Create and refine metrics to articulate and measure program performance
What we need::
- Proven professional experience in cloud security architectures
-
Extensive knowledge of current cyber security threat types and potential mitigation controls
-
Breadth and depth of knowledge of standards such as NIST, MITRE, OWASP
-
Strong technical background in one or more of the following AWS, GCP, Azure, Oracle or another mainstream cloud provider
-
Process automation and optimization experience – e. g. Python/PowerShell scripts (or language of choice)
-
Strong understanding of the business relevance of security risks
-
Pro-active, with the ability and confidence to drive forward discussions, co-ordinate activities, make judgements and take decisions
-
Ability to build strong working relationships and role-model the team ethic
-
High flexibility and willingness to travel (when required)
In return, we offer an inclusive environment, where what you can achieve is limited only by your imagination! We encourage new ideas, actively support experimentation, and strive to build an environment where everyone can be their best self.
We’re adopting a hybrid approach with some office and some home working, on average 40-60% in the office. Your office location? This person will be UK based with our Head Office in Paddington, or we could explore the option of being based in one of our other retail banners head offices in Southampton or Yeovil.
We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career.
Interested? Great, apply now and help us to Power the Possible.
#LI-KE1