Wiz Admin

Wiz Admin

JD:

Role Purpose

The Cloud Security (Wiz Admin) is responsible for administering, operating, and optimising Aviva's Wiz Cloud Security Posture Management (CSPM/CNAPP) platform.

This role ensures continuous visibility, governance, and risk reduction across Aviva's multi-cloud environments (AWS, Azure, GCP).

The administrator will drive operational excellence, support engineering teams, integrate Wiz into enterprise tooling, and maintain policy compliance and posture improvement

Key Responsibilities

Platform Administration & Operations

  • Own day-to-day administration of the Wiz platform across all cloud environments.
  • Maintain Wiz connectors, least-privilege roles, integration points, and scanning configurations.
  • Ensure onboarding/offboarding of cloud accounts, subscriptions, and K8s clusters.
  • Monitor platform health, ingestion coverage, API integrations, and license utilisation.

Cloud Posture Management

  • Review, tune, and maintain security policies, controls, and baselines (eg, CIS, NIST, ISO).
  • Validate and enhance attack path analysis, identity risk detection, and data exposure mapping.
  • Prioritise findings using impact-based and exploit-path-based logic.
  • Partner with Cloud Platform teams to ensure guardrails remain aligned with Wiz detections.

Shift-Left Enablement

  • Work with DevOps/SRE teams to embed Wiz in CI/CD pipelines for IaC scanning.
  • Run onboarding sessions for teams on using Wiz Issues, Projects, and Policy-as-Code.
  • Validate false positives/negatives and fine-tune policy gates for Terraform, ARM/Bicep, and CloudFormation.

Incident & Risk Handling

  • Support Cloud Security, SOC, and IR teams during investigations involving publicly exposed, exploitable, or high-risk cloud assets.
  • Provide expert analysis on Wiz findings and attack paths; propose remediation and compensating controls.
  • Contribute to post-incident reviews, root-cause analysis, and long-term posture improvements.

Integrations & Automation

  • Maintain integrations with Jira/ADO, SIEM/SOAR, Slack/Teams, and CMDB/GRC.
  • Automate workflows for enrichment, prioritisation, ticketing, and reporting.
  • Partner with Engineering to build auto-remediation playbooks for safe-to-fix classes (eg, public S3, permissive IAM).

Governance, Reporting & Compliance

  • Produce monthly security posture reports for leadership and Risk/Compliance teams.
  • Track KPIs (coverage, MTTR, SLA adherence, risk trends).
  • Support external and internal audit requests using Wiz's evidence and compliance modules.
  • Manage exceptions/waivers and ensure they are reviewed and retired on schedule.

Core Technical Skills

  • Strong understanding of AWS, Azure, and GCP security controls and architecture.
  • Hands-on experience with cloud IAM, network security, logging/monitoring, and workload security.
  • Familiarity with Kubernetes security and container image scanning.
  • Experience operating cloud security platforms (Wiz preferred; alternatives: Prisma, Lacework, Defender for Cloud).
  • Working knowledge of Infrastructure-as-Code (Terraform strongly preferred).
  • Understanding of identity and entitlements management (CIEM).
  • Ability to analyse cloud attack paths and map misconfigurations to real exploitable risk.

Nice-to-Have Skills

  • Experience integrating security tools into CI/CD pipelines (Azure DevOps, GitHub, GitLab).
  • Knowledge of SAST/DAST/Secret scanning tools.
  • Exposure to SRE or Cloud Platform engineering.

Soft Skills

  • Strong communication skills-able to simplify complex findings for engineering teams.
  • Problem-solving mindset with a bias for automation and scalability.
  • Ability to work cross-functionally with Security, Cloud Platform, DevOps, Risk, and Audit.
  • Comfortable with influencing teams without formal authority.
Apply Now
Apply Now

Job Details

Company
Infoplus Technologies UK Ltd
Location
London, United Kingdom
Employment Type
Contract
Salary
GBP Annual
Posted