Cyber Security Analyst L4

Position:
Cyber Security Analyst L4 (Contract)

Location:

Norwich or London (Hybrid-2/3 days a week from office)

6 months contract position

JD:
The Cloud Security (Wiz Admin) is responsible for administering, operating, and optimising Aviva's Wiz Cloud Security Posture Management (CSPM/CNAPP) platform. This role ensures continuous visibility, governance, and risk reduction across Aviva's multi‑cloud environments (AWS, Azure, GCP). The administrator will drive operational excellence, support engineering teams, integrate Wiz into enterprise tooling, and maintain policy compliance and posture improvement.

• Own day‑to‑day administration of the Wiz platform across all cloud environments.
• Maintain Wiz connectors, least‑privilege roles, integration points, and scanning configurations.
• Ensure onboarding/offboarding of cloud accounts, subscriptions, and K8s clusters.
• Monitor platform health, ingestion coverage, API integrations, and license utilisation.

• Review, tune, and maintain security policies, controls, and baselines (e.g., CIS, NIST, ISO).
• Validate and enhance attack path analysis, identity risk detection, and data exposure mapping.
• Prioritise findings using impact‑based and exploit‑path‑based logic.
• Partner with Cloud Platform teams to ensure guardrails remain aligned with Wiz detections.

• Work with Dev Ops/SRE teams to embed Wiz in CI/CD pipelines for IaC scanning.
• Run onboarding sessions for teams on using Wiz Issues, Projects, and Policy‑as‑Code.
• Validate false positives/negatives and fine‑tune policy gates for Terraform, ARM/Bicep, and Cloud Formation.

• Support Cloud Security, SOC, and IR teams during investigations involving publicly exposed, exploitable, or high‑risk cloud assets.
• Provide expert analysis on Wiz findings and attack paths; propose remediation and compensating controls.
• Contribute to post‑incident reviews, root‑cause analysis, and long‑term posture improvements.

• Maintain integrations with Jira/ADO, SIEM/SOAR, Slack/Teams, and CMDB/GRC.
• Automate workflows for enrichment, prioritisation, ticketing, and reporting.
• Partner with Engineering to build auto‑remediation playbooks for safe‑to‑fix classes (e.g., public S3, permissive IAM).

• Produce monthly security posture reports for leadership and Risk/Compliance teams.
• Track KPIs (coverage, MTTR, SLA adherence, risk trends).
• Support external and internal audit requests using Wiz's evidence and compliance modules.
• Manage exceptions/waivers and ensure they are reviewed and retired on schedule.

• Strong understanding of AWS, Azure, and GCP security controls and architecture.
• Hands‑on experience with cloud IAM, network security, logging/monitoring, and workload security.
• Familiarity with Kubernetes security and container image scanning.
• Experience operating cloud security platforms (Wiz preferred; alternatives: Prisma, Lacework, Defender for Cloud).
• Working knowledge of Infrastructure‑as‑Code (Terraform strongly preferred).
• Understanding of identity and entitlements management (CIEM).
• Ability to analyse cloud attack paths and map misconfigurations to real exploitable risk.

• Experience integrating security tools into CI/CD pipelines (Azure Dev Ops, Git Hub, Git Lab).
• Knowledge of SAST/DAST/Secret scanning tools.
• Exposure to SRE or Cloud Platform engineering.

• Strong communication skills—able to simplify complex findings for engineering teams.
• Problem‑solving mindset with a bias for automation and scalability.
• Ability to work cross‑functionally with Security, Cloud Platform, Dev Ops, Risk, and Audit.
• Comfortable with influencing teams without formal authority.

Cloud Security Posture Management