Control Plane Limited
Principal Cloud Native Security Consultant London - Hybrid (2 days in office per week) Report To: Security Engineering Manager Job Location: London - Hybrid (2 days in office per week) Employment Status: Full Time Salary: Competitive and Market Based Who is ControlPlane? ControlPlane is a London headquartered consultancy specialising in cloud-native, Kubernetes, and open source solutions. Our expertise lies in helping organisations adopt and secure complex cloud infrastructures by implementing security measures that are "secure-by-design" and "secure-by-default." This engineering excellence has driven ControlPlane deeper into cybersecurity providing services like threat modelling, penetration testing, and supply chain security to ensure robust protection against cyberattacks in containerised and cloud-native environments. We are acclaimed for our contributions to securing highly regulated industries, such as finance, healthcare, and national infrastructure. We help businesses improve their security posture through services like DevSecOps consulting, zero-trust architectures, and platform engineering. ControlPlane also focuses on advancing best practices in the Kubernetes ecosystem, offering specialised training and community engagement. Our clients range from multinational banks to tech giants and public clouds, where we assist with both security and operational needs. In addition to consulting, we are active in the open source community, supporting projects like Flux CD and providing security tools for Kubernetes environments. Over the coming years you'll see us retain our focus on solving difficult problems for clients with intense security controls using pragmatic, real world solutions. Taking our extensive R&D to help organisations consume next generation and open source projects safely and securely - that might be extending our work with FINOS AI Readiness or the overhaul of open source supply chain security. What We're Looking For in a Principal Cloud Native Security Consultant: As a Principal level consultant you will represent the technical and cultural values of ControlPlane, leading our customers by example in the complex and fast-changing world of cloud native technology. You will assume end to end responsibilities accross a mix of client consulting and internal projects You will be comfortable leading engagements and defining end-to-end security architectures for cloud infrastructure, through a mixture of threat modelling and proof of concepts. You will also have insight into security operations and incident response for cloud environments, with experience of defining events, SOC integration & engineering and running table top exercises for incident response We're looking for principal level skill sets. You should have strong knowledge of container and cloud security architecture principles, and you enjoy getting hands-on, experimenting with cloud infrastructure, and want to expand your horizons in this area. You value transparency and candid feedback, and are driven by a strong desire to become the best you can be. ControlPlane thrives on community participation and collaboration through meetups and conferences, working groups, and training. We encourage our employees to be passionate about sharing information with friends and colleagues. You may be asked to: - Actively participate to Special Interest Groups and Technical Advisory Groups with our business partners, collaborators, and friends - Deliver Kubernetes Security and Kubernetes Threat Modeling training - Attend conferences and meetups in the UK and abroad This is a unique job role within a successful start-up company where you will have the chance to make a positive impact, learn, grow and work with great colleagues who consistently challenge the status quo. Roles, Responsibilities and Requirements of Our Cloud Native Security Consultant: Experience of leading Threat Modelling engagements or designing Cloud Native security architectures (AWS, GCP, Azure) Security Operations and Incident Response experience within a cloud environment, including defining events, SOC engineering and running table top exercises Consulting experience including managing engagements, running workshops and presenting to project security authorities. Kubernetes and container experience (some of EKS, GKE, AKS, OpenShift, and container runtimes) DevSecOps principles and Engineering practices CI/CD experience, automating security tests and hardening pipelines Knowledge of security tooling from enterprise tools such as Aqua, Prisma Cloud, Sysdig, Splunk and Logrythm to Open Source tools such as falco, kube-hunter, and kube-bench. Knowledge and experience of hardening guides, compliance standards and MITRE ATT&CK and Adversary Tools, Techniques and Procedures. Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP A desire to learn, or experience with: CLI tooling in any of the above technologies. Golang or Python Vault, service mesh, in-toto, Tekton Chains, SPIFFE, and/or Sigstore Terraform and cloud infrastructure best practices (IaC, regulated systems) ControlPlane is a dynamic, cutting edge and passionate business for which to work. Our employees are the heart of our business, which means we care about our company culture and our employees' wellbeing and progression. Alongside this, as our colleague you will have the following benefits: Generous and competitive salary Bonus 33 days of paid holiday, including paid leave for the standard 8 UK Bank Holidays Cycle to Work scheme Enhanced Parental Leave Private Medical insurance An individual training budget for personal development, including but not limited to: Training (books, courses, coaching, as well as internal training which is of course included beyond budget) Qualifications Conferences 10 days for training 7.5 days to attend and present at conferences 10 days company research and development time We believe our peers are equally as important as the technology we use. We're looking for people of the highest personal calibre, quietly confident, with a good work ethic, keenness to learn, emotional maturity and respect, who know that "we" is more than "me", and who embrace human diversity of all kinds. As we grow you will help us to build a company culture of which we can all be proud. If you espouse these values, we want you! NOTE FOR RECRUITMENT AGENCIES: Please do not call or email our team speculatively, we do not accept unsolicited CVs. Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume/CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf
Principal Cloud Native Security Consultant London - Hybrid (2 days in office per week) Report To: Security Engineering Manager Job Location: London - Hybrid (2 days in office per week) Employment Status: Full Time Salary: Competitive and Market Based Who is ControlPlane? ControlPlane is a London headquartered consultancy specialising in cloud-native, Kubernetes, and open source solutions. Our expertise lies in helping organisations adopt and secure complex cloud infrastructures by implementing security measures that are "secure-by-design" and "secure-by-default." This engineering excellence has driven ControlPlane deeper into cybersecurity providing services like threat modelling, penetration testing, and supply chain security to ensure robust protection against cyberattacks in containerised and cloud-native environments. We are acclaimed for our contributions to securing highly regulated industries, such as finance, healthcare, and national infrastructure. We help businesses improve their security posture through services like DevSecOps consulting, zero-trust architectures, and platform engineering. ControlPlane also focuses on advancing best practices in the Kubernetes ecosystem, offering specialised training and community engagement. Our clients range from multinational banks to tech giants and public clouds, where we assist with both security and operational needs. In addition to consulting, we are active in the open source community, supporting projects like Flux CD and providing security tools for Kubernetes environments. Over the coming years you'll see us retain our focus on solving difficult problems for clients with intense security controls using pragmatic, real world solutions. Taking our extensive R&D to help organisations consume next generation and open source projects safely and securely - that might be extending our work with FINOS AI Readiness or the overhaul of open source supply chain security. What We're Looking For in a Principal Cloud Native Security Consultant: As a Principal level consultant you will represent the technical and cultural values of ControlPlane, leading our customers by example in the complex and fast-changing world of cloud native technology. You will assume end to end responsibilities accross a mix of client consulting and internal projects You will be comfortable leading engagements and defining end-to-end security architectures for cloud infrastructure, through a mixture of threat modelling and proof of concepts. You will also have insight into security operations and incident response for cloud environments, with experience of defining events, SOC integration & engineering and running table top exercises for incident response We're looking for principal level skill sets. You should have strong knowledge of container and cloud security architecture principles, and you enjoy getting hands-on, experimenting with cloud infrastructure, and want to expand your horizons in this area. You value transparency and candid feedback, and are driven by a strong desire to become the best you can be. ControlPlane thrives on community participation and collaboration through meetups and conferences, working groups, and training. We encourage our employees to be passionate about sharing information with friends and colleagues. You may be asked to: - Actively participate to Special Interest Groups and Technical Advisory Groups with our business partners, collaborators, and friends - Deliver Kubernetes Security and Kubernetes Threat Modeling training - Attend conferences and meetups in the UK and abroad This is a unique job role within a successful start-up company where you will have the chance to make a positive impact, learn, grow and work with great colleagues who consistently challenge the status quo. Roles, Responsibilities and Requirements of Our Cloud Native Security Consultant: Experience of leading Threat Modelling engagements or designing Cloud Native security architectures (AWS, GCP, Azure) Security Operations and Incident Response experience within a cloud environment, including defining events, SOC engineering and running table top exercises Consulting experience including managing engagements, running workshops and presenting to project security authorities. Kubernetes and container experience (some of EKS, GKE, AKS, OpenShift, and container runtimes) DevSecOps principles and Engineering practices CI/CD experience, automating security tests and hardening pipelines Knowledge of security tooling from enterprise tools such as Aqua, Prisma Cloud, Sysdig, Splunk and Logrythm to Open Source tools such as falco, kube-hunter, and kube-bench. Knowledge and experience of hardening guides, compliance standards and MITRE ATT&CK and Adversary Tools, Techniques and Procedures. Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP A desire to learn, or experience with: CLI tooling in any of the above technologies. Golang or Python Vault, service mesh, in-toto, Tekton Chains, SPIFFE, and/or Sigstore Terraform and cloud infrastructure best practices (IaC, regulated systems) ControlPlane is a dynamic, cutting edge and passionate business for which to work. Our employees are the heart of our business, which means we care about our company culture and our employees' wellbeing and progression. Alongside this, as our colleague you will have the following benefits: Generous and competitive salary Bonus 33 days of paid holiday, including paid leave for the standard 8 UK Bank Holidays Cycle to Work scheme Enhanced Parental Leave Private Medical insurance An individual training budget for personal development, including but not limited to: Training (books, courses, coaching, as well as internal training which is of course included beyond budget) Qualifications Conferences 10 days for training 7.5 days to attend and present at conferences 10 days company research and development time We believe our peers are equally as important as the technology we use. We're looking for people of the highest personal calibre, quietly confident, with a good work ethic, keenness to learn, emotional maturity and respect, who know that "we" is more than "me", and who embrace human diversity of all kinds. As we grow you will help us to build a company culture of which we can all be proud. If you espouse these values, we want you! NOTE FOR RECRUITMENT AGENCIES: Please do not call or email our team speculatively, we do not accept unsolicited CVs. Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume/CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf
Control Plane Limited
Job Title: Senior Cloud Native Security Consultant Report To: Security Engineering Manager Job Location: Remote and/or London (right to work in UK or EU required) Employment Status: Full Time Salary: Competitive and Market Based Who is ControlPlane? ControlPlane is a London headquartered consultancy specialising in cloud-native, Kubernetes, and open source solutions. Our expertise lies in helping organisations adopt and secure complex cloud infrastructures by implementing security measures that are "secure-by-design" and "secure-by-default." This engineering excellence has driven ControlPlane deeper into cybersecurity providing services like threat modelling, penetration testing, and supply chain security to ensure robust protection against cyberattacks in containerised and cloud-native environments. We are acclaimed for our contributions to securing highly regulated industries, such as finance, healthcare, and national infrastructure. We help businesses improve their security posture through services like DevSecOps consulting, zero-trust architectures, and platform engineering. ControlPlane also focuses on advancing best practices in the Kubernetes ecosystem, offering specialised training and community engagement. Our clients range from multinational banks to tech giants and public clouds, where we assist with both security and operational needs. In addition to consulting, we are active in the open source community, supporting projects like Flux CD and providing security tools for Kubernetes environments. Over the coming years you'll see us retain our focus on solving difficult problems for clients with intense security controls using pragmatic, real world solutions. Taking our extensive R&D to help organisations consume next generation and open source projects safely and securely - that might be extending our work with FINOS AI Readiness or the overhaul of open source supply chain security. What We're Looking For in a Senior Cloud Native Security Consultant We are looking for Senior Cloud Native Security Consultants to represent the technical and cultural values of ControlPlane, leading our customers by example in the complex and fast-changing world of cloud native technology. You will perform a mix of client consulting, working on internal labs projects, and contributing to Open Source projects on ControlPlane's behalf. You will define end-to-end security architectures for cloud infrastructure platforms and CI/CD pipelines, through a combination of Threat Modelling and Proof of Concepts, and High and Low Level Designs. You will also be comfortable with modern software development frameworks such as Agile, SCRUM or XP and have development experience with Python, including modern tools such as black, mypy and flake8. We're looking for mid-to-senior level skill sets. You should have strong knowledge of container and cloud security architecture principles, and you enjoy getting hands-on, experimenting with cloud infrastructure, and want to expand your horizons in this area. You value transparency and candid feedback, and are driven by a strong desire to become the best you can be. ControlPlane thrives on community participation and collaboration through meetups and conferences, working groups, and training. We encourage our employees to be passionate about sharing information with friends and colleagues. You may be asked to: - Actively participate to Special Interest Groups and Technical Advisory Groups with our business partners, collaborators, and friends - Deliver Kubernetes Security and Kubernetes Threat Modeling training - Attend conferences and meetups in the UK and abroad This is a unique job role within a successful start-up company where you will have the chance to make a positive impact, learn, grow and work with great colleagues who consistently challenge the status quo. Roles, Responsibilities and Requirements of Our Cloud Native Security Consultant: Kubernetes and container experience (some of EKS, GKE, AKS, OpenShift, and container runtimes) Experience of Threat Modelling and designing Cloud Native security architectures (AWS, GCP, Azure) Understanding of CD/CD best practices and a range of deployment tools, such as Kubernetes, Helm and bash scripting Consulting experience including strong soft-skills to manage clients, processes and tasks in highly-regulated enterprise environments. DevSecOps principles and Engineering practices CI/CD experience, automating security tests, and hardening pipelines Knowledge of security tooling from enterprise tools such as Aqua, Prisma, Sysdig, Lacework, etc to Open Source tools such as falco, kube-hunter, and kube-bench. Knowledge and experience using hardening guides, compliance and risk management standards Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP A desire to learn, or experience with: CLI tooling in any of the above technologies. Golang or Python Terraform and cloud infrastructure best practices (IaC, regulated systems) Vault, service mesh, in-toto, Tekton Chains, SPIFFE, and/or Sigstore experience is a plus ControlPlane is a dynamic, cutting edge and passionate business for which to work. Our employees are the heart of our business, which means we care about our company culture and our employees' wellbeing and progression. Alongside this, as our colleague you will have the following benefits: Generous and competitive salary Bonus 33 days of paid holiday, including paid leave for the standard 8 UK Bank Holidays Cycle to Work scheme Enhanced Parental Leave Private Medical insurance An individual training budget for personal development, including but not limited to: Conferences Training (books, courses, coaching, as well as internal training which is of course included beyond budget) Qualifications 10 days for training 7.5 days to attend and present at conferences 10 days company research and development time We believe our peers are equally as important as the technology we use. We're looking for people of the highest personal calibre, quietly confident, with a good work ethic, keenness to learn, emotional maturity and respect, who know that "we" is more than "me", and who embrace human diversity of all kinds. As we grow you will help us to build a company culture of which we can all be proud. If you espouse these values, we want you! NOTE FOR RECRUITMENT AGENCIES: Please do not call or email our team speculatively, we do not accept unsolicited CVs. Apply for this job indicates a required field First Name Last Name Email Phone Resume/CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf
Job Title: Senior Cloud Native Security Consultant Report To: Security Engineering Manager Job Location: Remote and/or London (right to work in UK or EU required) Employment Status: Full Time Salary: Competitive and Market Based Who is ControlPlane? ControlPlane is a London headquartered consultancy specialising in cloud-native, Kubernetes, and open source solutions. Our expertise lies in helping organisations adopt and secure complex cloud infrastructures by implementing security measures that are "secure-by-design" and "secure-by-default." This engineering excellence has driven ControlPlane deeper into cybersecurity providing services like threat modelling, penetration testing, and supply chain security to ensure robust protection against cyberattacks in containerised and cloud-native environments. We are acclaimed for our contributions to securing highly regulated industries, such as finance, healthcare, and national infrastructure. We help businesses improve their security posture through services like DevSecOps consulting, zero-trust architectures, and platform engineering. ControlPlane also focuses on advancing best practices in the Kubernetes ecosystem, offering specialised training and community engagement. Our clients range from multinational banks to tech giants and public clouds, where we assist with both security and operational needs. In addition to consulting, we are active in the open source community, supporting projects like Flux CD and providing security tools for Kubernetes environments. Over the coming years you'll see us retain our focus on solving difficult problems for clients with intense security controls using pragmatic, real world solutions. Taking our extensive R&D to help organisations consume next generation and open source projects safely and securely - that might be extending our work with FINOS AI Readiness or the overhaul of open source supply chain security. What We're Looking For in a Senior Cloud Native Security Consultant We are looking for Senior Cloud Native Security Consultants to represent the technical and cultural values of ControlPlane, leading our customers by example in the complex and fast-changing world of cloud native technology. You will perform a mix of client consulting, working on internal labs projects, and contributing to Open Source projects on ControlPlane's behalf. You will define end-to-end security architectures for cloud infrastructure platforms and CI/CD pipelines, through a combination of Threat Modelling and Proof of Concepts, and High and Low Level Designs. You will also be comfortable with modern software development frameworks such as Agile, SCRUM or XP and have development experience with Python, including modern tools such as black, mypy and flake8. We're looking for mid-to-senior level skill sets. You should have strong knowledge of container and cloud security architecture principles, and you enjoy getting hands-on, experimenting with cloud infrastructure, and want to expand your horizons in this area. You value transparency and candid feedback, and are driven by a strong desire to become the best you can be. ControlPlane thrives on community participation and collaboration through meetups and conferences, working groups, and training. We encourage our employees to be passionate about sharing information with friends and colleagues. You may be asked to: - Actively participate to Special Interest Groups and Technical Advisory Groups with our business partners, collaborators, and friends - Deliver Kubernetes Security and Kubernetes Threat Modeling training - Attend conferences and meetups in the UK and abroad This is a unique job role within a successful start-up company where you will have the chance to make a positive impact, learn, grow and work with great colleagues who consistently challenge the status quo. Roles, Responsibilities and Requirements of Our Cloud Native Security Consultant: Kubernetes and container experience (some of EKS, GKE, AKS, OpenShift, and container runtimes) Experience of Threat Modelling and designing Cloud Native security architectures (AWS, GCP, Azure) Understanding of CD/CD best practices and a range of deployment tools, such as Kubernetes, Helm and bash scripting Consulting experience including strong soft-skills to manage clients, processes and tasks in highly-regulated enterprise environments. DevSecOps principles and Engineering practices CI/CD experience, automating security tests, and hardening pipelines Knowledge of security tooling from enterprise tools such as Aqua, Prisma, Sysdig, Lacework, etc to Open Source tools such as falco, kube-hunter, and kube-bench. Knowledge and experience using hardening guides, compliance and risk management standards Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP A desire to learn, or experience with: CLI tooling in any of the above technologies. Golang or Python Terraform and cloud infrastructure best practices (IaC, regulated systems) Vault, service mesh, in-toto, Tekton Chains, SPIFFE, and/or Sigstore experience is a plus ControlPlane is a dynamic, cutting edge and passionate business for which to work. Our employees are the heart of our business, which means we care about our company culture and our employees' wellbeing and progression. Alongside this, as our colleague you will have the following benefits: Generous and competitive salary Bonus 33 days of paid holiday, including paid leave for the standard 8 UK Bank Holidays Cycle to Work scheme Enhanced Parental Leave Private Medical insurance An individual training budget for personal development, including but not limited to: Conferences Training (books, courses, coaching, as well as internal training which is of course included beyond budget) Qualifications 10 days for training 7.5 days to attend and present at conferences 10 days company research and development time We believe our peers are equally as important as the technology we use. We're looking for people of the highest personal calibre, quietly confident, with a good work ethic, keenness to learn, emotional maturity and respect, who know that "we" is more than "me", and who embrace human diversity of all kinds. As we grow you will help us to build a company culture of which we can all be proud. If you espouse these values, we want you! NOTE FOR RECRUITMENT AGENCIES: Please do not call or email our team speculatively, we do not accept unsolicited CVs. Apply for this job indicates a required field First Name Last Name Email Phone Resume/CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf