Cyber Security Engineer

Our Culture

CoinShares is an innovative, agile and ambitious organisation. We strive for excellence in everything we do. We are a high performance culture with a focus on:

• Professional and personal integrity
• Curiosity and a deep learning mindset
• Transparency
• Teamwork and collaboration

CoinShares is strongly committed to diversity and inclusion and warmly welcomes candidates from all backgrounds.

The Team

The Cyber Security team exists to protect CoinShares’ digital assets, systems, people and data while enabling the business to operate securely at speed. The team safeguards the firm against cyber threats in a highly regulated, cloud-first environment, ensuring that security is embedded into day-to-day operations and technology decisions rather than treated as a standalone control function. Working closely with all teams, the Cyber Security team designs and maintains a robust security framework that evolves alongside the business. Their work is central to maintaining operational resilience, regulatory confidence and trust in CoinShares as a leading digital asset manager.

Role Profile

We are seeking an experienced and hands-on Cyber Security Engineer with a strong focus on cloud security, particularly AWS, to join our growing security function. Working closely with the Cyber Security Analyst, IT, and DevOps teams, you will be responsible for designing, implementing, and maintaining security controls across CoinShares’ cloud-first environment. This role is responsible for engineering and architectural oversight, working in partnership with the Analyst’s monitoring and response activities. You will play a key role in strengthening CoinShares’ security posture in a highly regulated financial environment, ensuring scalable, resilient, and secure cloud infrastructure.

Responsibilities

• Design, implement, and maintain security controls across AWS environments.
• Configure, manage, and optimise AWS GuardDuty, including alert tuning, findings triage workflows, and integrations with SIEM and incident response processes.
• Lead cloud security monitoring, detection engineering, and preventative control design.
• Work closely with the Cyber Security Analyst on incident response, providing technical expertise during investigations.
• Implement and manage cloud-native security services (e.g. AWS Security Hub, IAM, CloudTrail, VPC security controls).
• Partner with DevOps and engineering teams to embed security into CI/CD pipelines and infrastructure-as-code.
• Conduct cloud security architecture reviews and threat modelling for new systems and services.
• Support vulnerability management and remediation efforts across cloud and hybrid environments.
• Contribute to compliance initiatives (e.g. ISO 27001, SOC 2) through control design, evidence generation, and audit support.
• Develop and maintain security standards, patterns, and technical documentation.
• Continuously evaluate emerging cloud security threats and recommend improvements.

Experience & Qualifications

• 5+ years’ experience in a cyber security engineering, cloud security, or infrastructure security role.
• Strong hands-on experience securing AWS environments in production.
• Bachelor’s degree in Cyber Security, Computer Science, Information Technology, or equivalent practical experience.
• Relevant certifications are desirable (e.g. AWS Security Specialty, CISSP, CCSP, GSEC).
• Experience in the financial services sector or other regulated environments would be advantageous.

Core Skills

• Demonstrated understanding of cloud security concepts, particularly within AWS.
• Hands-on experience configuring and operating AWS GuardDuty.
• Strong knowledge of AWS IAM, networking (VPCs, security groups, NACLs), logging, and monitoring.
• Experience with cloud security posture management and vulnerability management tools (e.g. Wiz, Qualys, Rapid7).
• Familiarity with infrastructure-as-code and automation (e.g. Terraform, CloudFormation).
• Solid understanding of security frameworks and regulatory requirements (NIST, CIS, ISO 27001, GDPR).
• Ability to design security controls that scale in fast-moving, cloud-native environments.
• Strong problem-solving skills with a pragmatic, risk-based mindset.
• Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-security stakeholders.