Senior Security Consultant (Cloud Security)

Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.\n\nIn the UK we have over 500 staff working in London, Gloucester, Warrington, Leeds or as homeworkers and 130 staff working for global projects\n\nWorking For Claranet\nHere at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, gym and other benefits.\n\nBut what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart.\n\nOur Vision\nOur vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.\n\nPosition Summary\nThe Sr.

Security Consultant (Cloud Security) has responsibility for everything from client projects to development work and training, dealing with large corporate penetration testing. With a focus on large-scale corporate penetration testing, this role demands both technical excellence and strong client engagement skills. The consultant is passionate about uncovering vulnerabilities and translating findings into actionable improvements, while building strong relationships through clear communication and exceptional customer service.\n\nOur team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.\n\nBased in India, this work will lead on penetration testing and have the opportunity to work on projects with worldwide clients and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects.\n\nAs a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences.\n\nObjectives & Key Results\nThe Sr.

Security Consultant (Cloud Security) is part of the Consultancy Team and represents a trusted advisor and subject matter expert in cybersecurity.\nThe key objectives will be to:\nDevelop the Cloud Security training content emphasizing mainly Azure/AWS/GCP\nDeliver high-quality penetration testing and configuration reviews across various cloud technologies such as AWS/Azure/GCP\nProvide expert guidance and recommendations to clients for improving their security posture\nMentor and support junior consultants, helping to grow the team’s overall capabilities\n\nEssential Roles & Responsibilities\nDevelop standard operating procedures and conduct comprehensive training sessions for each technology, ensuring a thorough understanding and adherence to best practices\nA candidate should be willing to deliver the Cloud Security training in various conference remotely or on-site\nConduct research and provide new ideas of the training content, as per the market or latest vulnerabilities or misconfigurations\nCreating comprehensive training materials, including presentations, labs, and documentation\nStaying updated with the latest trends and developments in cloud security\nCustomizing content to align with industry best practices and specific client needs\nContinuously improving and expanding training resources\nPerform cloud penetration testing to identify vulnerabilities or misconfiguration in the client environment\nDevelop documentation, and a knowledge base to be used by penetration tester to conduct review, security assessments\nDevelop and implement the security solution for the current cloud deployment NSS has\nDevelop standard operating procedures and training for each technology\nArchitect and continuously improve security technology stack, process and procedures, support model and cross-function interactions utilizing automation where possible\nDevelop and report Cloud security coverage metrics\nDefine procedures to validate the effectiveness of the design, deployment, and management of security controls that aim to maintain confidentiality, integrity, and availability of Cloud networks and technology platforms\nConduct research to stay up to date with the latest advancements in generative AI, machine learning, and deep learning techniques and identify opportunities to integrate them into our products and services\nConduct thorough reviews and assessments of the utilization of Cloud security tooling, ensuring optimal performance and alignment with security objectives\n\nAdditional Requirements:\nConduct comprehensive penetration tests on various systems, applications, and networks to identify vulnerabilities and weaknesses\nPrepare detailed reports of findings, including risk assessments and remediation recommendations, tailored to technical and non-technical stakeholders\nStay updated with the latest cybersecurity threats and trends and apply this knowledge to enhance testing methodologies\nPossessing relevant industry certifications, such as Offensive Security Certified Professional (OSCP) or CREST certification, would be advantageous\n\nPosition Specifications\nKey Skills & Requirements\nA bachelor’s degree in Cybersecurity, International Security Architecture, or related field; or equivalent work experience in a converged security program\n4-7 years of hands-on experience, preferably with at least one major cloud provider such as GCP, Azure, or AWS\n2+ years of client-facing consulting work experience performing penetration testing\nExperience with Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)\nA deep understanding of industry standards and best practices in Cloud security, including familiarity with CSA CCM, CIS, NIST benchmarks, and more\nExcellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences\nBasics to intermediate development and scripting skills in at least one programming language\nProven experience in cloud security, including hands-on implementation and management\nExceptional communication and presentation skills\nStrong organizational and time-management abilities\nPassion for sharing knowledge and facilitating learning\nProfessional certifications in cloud security (e.g., AWS Certified Security - Specialist, Azure Security Engineer)\nTechnical knowledge of Kubernetes and Docker technologies and associated security requirements (Kubernetes, Docker, etc.)\nShould have at least one associate-level cloud certification, such as AWS Solutions Architect GCP Associate Cloud Engineer, as a testament to specialized knowledge and expertise\n\nExperience Requirement:\nCandidates must have 4+ years of penetration testing experience\nGitHub Profile: Possession of a GitHub profile showcasing the development of tools to address cloud-related challenges is preferred\n\nCertifications (Nice to Have):\nAWS Certified Security – Specialty\nAWS Certified Solutions Architect Associate\nAZ-500: Microsoft Azure Security Technologies\nAZ-104: Microsoft Azure Administrator