AWS Cloud Engineer / Architect

Background

The Market Abuse Surveillance (MAS) and Compliance - Investment Management teams within Group Compliance conduct surveillance of transactions, orders and communications for Client Bank and Asset Management, respectively. Automated surveillance systems are deployed to detect market abuse in internal transactions and market manipulation. The third-party product (Actimize Surveil-X) for MAS is a SaaS solution running from AWS in the Dublin region, with a backup location in Frankfurt. In order to comply with cloud security guidelines, among other things, we need to establish an AWS key management system (KMS) and a corresponding network in Dublin, complementing the two current AWS customer target zones in Stockholm and Frankfurt.

Scope

Design, implement, document and handover a new “lightweight” AWS customer target zone in Dublin to use KMS services, so that Survail-X can connect to KMS customer vaults to encrypt customer data, so that Survail-X can seamlessly failover to the Frankfurt location with minimal or zero downtime, so that the customer can rotate keys with minimal or zero downtime, and so that the customer can revoke keys at will. Depending on issues such as functional alignment, cloud security guidelines, architecture approvals, organizational responsibilities, resource availability, level of automation of operational procedures, etc.

Description of knowledge and experience

• Proven experience in AWS cloud solution architecture and implementation
• Excellent knowledge with the space of encryption key management
• Proven experience as an IT architect in the financial services industry
• Excellent project management and coordination skills.
• Ability to communicate effectively with stakeholders at all levels

Some technical skills needed

Req. number 38637