(contract) Security DevOps Lead

Team Description:

The multi award winning Camelot Information Security team is responsible for facilitating the secure delivery of Camelot’s products and services, both where we operate lotteries, or provide platforms to other lottery operators. Our role is to make Information Security relevant, simple and transformational, and support our colleagues in achieving their goals in a secure manner.

Within the Information Security team the Camelot Security Operations Centre monitors and investigates activity on Camelot’s networks both in our own datacentres and our cloud hosted environments. The CSOC run a mix of cutting edge commercial and open source technologies to enable identification and remediation of incidents across a wide and complex range of technologies.

Purpose of Role:

The Camelot Security Dev Ops lead will be a vital part of Camelot Global. They will be forward deployed and embedded within the Camelot Global devops team and be the lead for defining and implementing secure working practices.

The Security Dev Ops lead will also be full member of the wider engineering function with the Camelot Security Operations Centre (CSOC) helping to build, improve, automate and maintain the systems required by the CSOC analysts.

Key Accountabilities or Duties:

• Applies best practices and knowledge of internal/external business challenges to improve products, processes or services
• Has developed conceptual and practical expertise in a technical team having used a wide range of technologies.
  
• Has a broad technical skillset and deep understanding of devops and knowledge also of information security and is able to adapt to new technologies quickly.
  
• Leads others to solve complex technical problems; takes a broad perspective to identify innovative solutions
  
• Interprets customer needs; assesses requirements and identifies solutions to non-standard requests
• Assists with the development of strategies and policies aimed at the continuous improvement of own work area
  
• Explains difficult issues and works to build consensus
  
• Makes decisions within guidelines and policies that impact own priorities and allocation of time to meet deadlines.Must be good at taking ownership of situations.
  
• Is accountable for technical contribution to project team
  
• Builds awareness of costs related to own work.
  

Requirements

Skills & Experience:

• AWS and native security services e.g KMS and IAM
• Experience with *nix especially CentOS and RHEL
• Ansible, Terraform
• Docker
• Python, Bash and use of GIT SCM
• Public Key Infrastructures
• Logging: e.g. ELK, Graylog or Splunk
• Test frameworks for automated testing/compliance e.g. ServerSpec, InSpec or TestInfra
• Knowledge of AWS cloud adoption framework and implementation practices
• Testing, deploying and working with web services using SOAP and REST interfaces
• Ability to write complex regular expressions
• Demonstrable experience of troubleshooting and problem solving under pressure

Desirable:

• Experience working in a Security Operations Centre or Information Security function;
• A qualification or certification in information security e.g. CISSP

Benefits