Overview
In this hybrid role as a Platform Engineer, the contractor will support a UK-based digital consumer brand in ensuring compliance with the CAF 4 framework. This position involves hands-on work with cloud security remediation and producing compliance documentation, while collaborating with internal teams and external suppliers to deliver on critical security objectives across AWS and some GCP environments.
Responsibilities
- Assess current security controls and identify remediation needed for CAF 4 compliance.
- Implement changes across AWS infrastructure and GCP as necessary.
- Produce audit-ready documentation to support compliance outcomes.
- Collaborate with internal teams and third-party suppliers to validate shared security responsibilities.
- Provide weekly progress updates to senior stakeholders on risks and delivery status.
- Focus on supply chain risk, access control, data protection, centralised logging, and incident recovery.
Requirements
- Strong hands-on experience securing AWS environments; working knowledge of GCP is beneficial.
- Experience with cyber security and compliance frameworks such as CAF, NIS, or ISO 27001.
- Solid understanding of IAM, MFA, logging, monitoring, backup, and network segmentation.
- Experience producing technical and compliance documentation for senior stakeholders.
- Ability to operate in a fast-paced delivery environment with immediate impact.
- Strong stakeholder communication skills.