Apply now »

Identity and Endpoint Security Engineer

Date:  23-Mar-2023
City:  London
Company:  GFT Technologies SE

Identity and Endpoint Security Engineer


What we do?

As a pioneer for digital transformation GFT develops sustainable solutions across new technologies – from cloud engineering and artificial intelligence to blockchain/DLT. With its deep technological expertise, strong partnerships and comprehensive market know-how GFT offers advice to the financial and insurance sectors. We have been recognised for our engineering excellence and work side by side with our clients in an agile way to solve their most challenging problems. Companies gain easy and safe access to scalable IT applications and innovative business models.


Who are we?

GFT are a modern company with a passion for technology that thrives on collaboration with our clients and celebrates success with our team.  We are an organisation that empowers you to not only explore but raise your potential and seek out opportunities that add value. At GFT, diversity, equality, and inclusion are at the core of who we are. Ensuring a diverse and inclusive working environment for all communities is one of the main pillars of our diversity strategy, based on our core values and  culture. We have been certified for 2022/23 as a ‘Great place to work’ in the UK. So, if you want to have the opportunity to work with an outstanding and progressive organisation this position could be right for you.


Role Summary 

We are seeking a passionate end point security technologist with knowledge of identity to join our rapidly expanding Cyber Security Consulting & Delivery team. You will join cloud security engineering teams assigned to client engagements to deliver cloud security and hybrid solutions needed to support complex cloud-based applications. You will serve as a cloud security evangelist, visionary and consultant to provide technical guidance on cloud security architecture and engineering best practices.


Role Responsibilities

This role will carry out some or all of the following activities:

  • Join cloud engineering teams as the security endpoint SME on client cloud engineering or specialist security projects
  • Provide thought leadership to steer solution design on client engagements and internal projects and by authoring technical and opinionated blogs, articles, and whitepapers
  • Identify emerging security technologies and evaluate suitability to improve client solution or bolster GFT offerings
  • Balance best of breed technical implementation with the commercial schedule and work within budget imperatives 
  • Influence, engage, develop, and manage stakeholder relationships on client engagements  
  • Promote GFT services and identify client opportunities
  • Participate in preparing client RFP/RFI responses and client proposals
  • Prepare and deliver articulate and effective presentations/workshops/demos of GFT security offerings in client pre-sales meeting and large audiences at events such as Google Next, AWS re:Invent, community Meetups and internal GFTedTalks and community events
  • Mentor junior engineers and peers with the opportunity to manage small internal teams
  • Assist with the recruitment process to expand the team to meet increasing demand
  • Maintain and expand deep identity and endpoint knowledge, industry trends, and best practices


Competencies and Skills Needed

Behavioural Skills:

  • An ability to apply structured thinking, simplifying complex problems into component parts, to the resolution of project challenges. 
  • Effective communication and interpersonal skills to be able to establish rapport with people at all levels. 
  • An eye for detail and accuracy, and an affinity with design issues and the ability to help establish and own a vision for our solutions. 
  • Organizational ability and tenacity; able to think ahead to establish an efficient and appropriate course of action for self and others. 
  • Take a proactive approach to work, good with handling uncertainty and can manage their work without close supervision. 
  • A strong sense of ownership and a desire to deliver quality outcomes for the business.


Technical Skills:

Some things to bear in mind:

  • Cloud security covers a wide gamut of skills and vendors - we use the interview process to see if someone will fit into a role even if they do not ‘tick’ all the requirements below.
  • We value the ability to gain a deep understanding of a cloud based identity and security platform and then demonstrate that to our clients through good communication, intelligent reasoning and top quality engineering.
  • The security team is intentionally cross-cloud and our aim is to support other engineers across the company and on projects to deploy capabilities like infrastructure-as-code, secrets management, service meshes, PKI infrastructures and more in a secure and robust manner.
  • We recruit people who may be currently AWS or Azure experts – however, as 70% of our work is on Google Cloud, all new members of the team are supported to certify to GCP Professional level.

A suitable candidate would have most of the following attributes:

  • Solid cloud platform expertise ideally backed-up by a professional-level certification and/or security certification (e.g. Google Cloud PCA/PCSE, Azure AZ305/AZ500, AWS SAP/SCS)
  • A platform-neutral broad-based understanding of cloud security, audit and risk qualified by a neutral certification from CompTIA (Security+ or CySA+), CSA (CCSK or CCAK), or ISC2 (SSCP, CCSP or CISSP)
  • Familiarity with modern application architectures and cloud platforms, with an understanding of micro-service applications and the challenges of the migration or transformation of legacy applications
  • Practical knowledge securing cloud foundational services such as compute, network, storage, databases as well as build, deployment and operations
  • Applied knowledge of DevSecOps principles and automated security testing techniques and an appreciation of tooling choices
  • Involvement in assisting architects with the design of security services for hybrid environments including IAM, endpoint security and monitoring of these services
  • Experience implementing cloud-native workload identity and endpoint security
  • Practical knowledge of container, Kubernetes and service mesh security
  • Applied knowledge of security products for threat detection & intelligence, workload protection, posture management, and SIEM/SOAR
  • Experience of frameworks for modelling adversarial behaviour (such as MITRE ATT&CK or STRIDE)
  • Experience hardening and assessing cloud resources following cloud vendor (well-architected frameworks and security blueprints) and neutral security guidance such as from NIST, CIS, and OWASP
  • Knowledge of mobile application identity patterns, roles and rights, federated identity and Active Directory and securing these technologies
  • Applied knowledge of CASB technologies
  • Knowledge of PIM/PAM, toxic combinations when reviewing roles and rights, securing privileged access and identity tooling
  • Knowledge of endpoint security technologies such as EDR, Anti-Virus, ASR, DLP, vulnerability management and patching


What we offer you

At GFT we offer a flexible hybrid working environment. The majority of our roles are determined by client requirements, but the expectation is that you will be required on client site 1 or 2 days a week (this may vary depending on client requirements and could go up or down). From a non-client standpoint, we encourage everyone to travel into a GFT office periodically to build a rapport with the wider GFT team and to ensure you feel connected with your peers/colleagues.


Every individual at GFT co-creates a mapped career path with growth opportunities, the ability to diversify, access to amazing Learning and Development programmes in an environment of collaboration, flexibility and support. We believe that investing in employee development promotes innovation and job satisfaction. The strategic relationships we have with industry leaders gives you unprecedented access to emerging technology and the opportunity to be part of the conversation of the future of digital.


GFT is an equal opportunities employer and we are committed to ensuring our recruitment processes are  inclusive. Selection for employment at GFT will be on the basis of performance and ability. Where possible, GFT will capture applicants’ diversity demographics as part of its recruitment processes to promote it’s DEI agenda. 


Founded in 1987 and located in 15 countries to ensure close proximity to its clients, GFT employs over 10,000 people globally. We provide our people with career opportunities in all areas of software engineering and innovation.


Apply now »