Senior Cloud & Applications Security Engineer

Are you passionate about cloud security and eager to engineer robust security solutions within AWS and Azure environments? We are seeking Senior Cloud & Application Security Engineers to help our client define and implement its cloud security strategy. If you're an experienced Security Engineering professional excited to work with cutting-edge technology and collaborate with diverse teams, we want to hear from you!

Key Skills:

• Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
• Experience with AWS, Azure, Kubernetes, Service Mesh, API gateways, and API security (authentication and authorization).
• Proficiency in programming languages such as Python, JavaScript, GoLang, Terraform, CloudFormation (AWS), and Azure Resource Manager (ARM) templates.
• Experience with CI/CD tools and practices, ensuring secure and automated deployment processes.
• Familiarity with Agile methodologies like SCRUM, along with proven project management skills to manage multiple security projects effectively.

Responsibilities

• Security Strategy: Define and execute cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business.
• Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining an edge network with Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and Content Delivery Network (CDN).
• Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set.
• Security Controls: Design, implement, and maintain security controls to prevent, detect, and remediate insecure configurations, including defining and disseminating secure AWS and Azure infrastructure baselines.
• Standards Development: Develop and maintain tailored security standards and guidelines, creating reusable resources for various development teams.
• Cloud Security Services: Establish and manage AWS and Azure security services, including certificate authorities, encryption services, insecure configuration scanners, and security control canaries.

Key Requirements:

• Essential: 5+ years of experience in cloud security engineering, particularly with AWS and Azure, and at least 2+ years in software development.
• Desired: Ability to work independently, take initiative, and maintain a keen attention to detail, ensuring high security standards. Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams.

What we offer:

• Salary of £80,000 - £110,000 DOE
• Pension Incentive scheme up to 10% of annual salary, based on company performance.
• Your wellbeing is paramount so you can get away and take 33 Days Holiday per year.
• Private Medical Care (Self after 1 year)
• Learning and Development opportunity with a great base for career development long term.
• Career progression and opportunity to grow with the industries best.
• Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network.
• Access to exclusive benefits, free advice and savings from a range of retailers and providers.
• Discounted Products - from day one you'll get a 25% discount
• We all need a little help sometimes, so we offer Free 24/7 Confidential Advice & Colleague Welfare.