At a Glance
- Tasks: Design and automate security solutions for our cloud infrastructure using cutting-edge technologies.
- Company: Join a forward-thinking tech company prioritising security as a core engineering discipline.
- Benefits: Competitive salary, flexible working hours, and opportunities for professional growth.
- Other info: Dynamic team culture with a focus on innovation and continuous learning.
- Why this job: Make a real impact by solving complex security challenges in a collaborative environment.
- Qualifications: Experience in cloud security or strong programming skills with a focus on security.
The predicted salary is between 70000 - 90000 € per year.
Requirements
- We are primarily looking for experienced Cloud Security Engineers, but we are equally keen to talk to talented Software Engineers who possess strong programming skills and a genuine desire to apply their knowledge to security challenges.
- Engine engineers are motivated by impact and high-quality delivery, regardless of their original tech stack.
- Whether you are a security specialist or a developer with a "security-first" mindset, your place within the team will be shaped by your individual strengths and interests.
- The Builder Mindset: You have a background in software or infrastructure engineering. You find manual work a personal affront and prefer to solve problems through code.
- Polyglot-ish: You are proficient in Go (our preference) or Python.
- Cloud Native: You have deep, practical experience securing AWS or GCP and have managed them at scale using Terraform.
- Container Expert: You understand the nuances of Kubernetes security - from the runtime to the service mesh.
- Identity Mastery: Expert knowledge of cloud identity models.
- Networking: Strong understanding of network protocols (Desirable).
- Experience with Cilium networking or advanced K8s hardening (CKS/CKA) (Desirable).
- Deep knowledge of cryptography management and hardware security modules (Desirable).
- Familiarity with container signing (Sigstore/Cosign) and image provenance (Desirable).
- Cloud-native security certifications (AWS Security Specialist / GCP Professional) (Desirable).
- Experience working with CSA CCM.
What the job involves
- At Engine by Starling, we don't do "checkbox security". We treat security as a first‑class engineering discipline.
- As a Cloud Security Engineer, you will be a hands‑on builder responsible for the security architecture of our multi‑tenant core banking platform.
- You’ll spend your days writing code, automating defenses, and ensuring our infrastructure that spans across AWS and GCP is secure by design and compliant by default.
- This is a highly varied position where you will spearhead efforts to fortify both our infrastructure and application platforms.
- Your mission is to solve complex security problems through code, focusing on three core pillars:
- Identity & Network Security: Engineering robust IAM controls and zero‑trust network architectures. You will lead the way in refining edge‑defense strategies and trust redirection to ensure every request is verified and encrypted.
- Unified Vulnerability Orchestration: Building a custom "single pane of glass" for security data. You will engineer API integrations between scanning engines, dependency trackers, and internal portals to create a seamless, automated vulnerability ecosystem.
- Compliance as Code: Bridging the gap between technical execution and regulatory requirements. You will build the automated systems that provide real‑time evidence for frameworks like SOC 2, ISO 27001 & PCI ensuring we stay compliant without manual overhead.
- You will be a key member of our growing Security Engineering team, working at the intersection of our Infrastructure, Cross‑Cutting, Information Security, and GRC teams.
- At Engine, we believe security should be at the heart of every technical process, not an afterthought.
- You won’t work in a silo; you’ll have close interaction with engineers across the business to deliver a platform that is resilient against evolving threats.
- You won't be manually checking boxes. You will be building the systems that check them for you.
- Security as Code: Design and maintain custom security tooling in Go to automate evidence collection for SOC2/ISO 27001 and remediation of security alerts.
- Infrastructure & IAM: Write and peer‑review Terraform to manage identity and core infrastructure across AWS and GCP, ensuring the principle of least privilege is baked into the foundation and adhering to cloud security standards.
- Pipeline & Supply Chain: Contribute to maintaining the integrity of our software supply chain. You’ll integrate SAST/DAST/SCA tools into our CI/CD pipelines (GitHub Actions/TeamCity) and manage container provenance.
- Cloud Native Defense: Engineer Kubernetes security solutions focusing on Cilium, RBAC, and network policies to protect our microservices.
- Identity & Trust (PKI): Build and maintain our Certificate Authority (CA) tooling and internal PKI infrastructure. You will be a trusted guardian of our cryptographic foundations, participating in Key Ceremonies to ensure the highest level of root‑level security.
- Incident Response & Research: Support the Information Security team and participate in incident response and post‑mortem activities.
Senior Cloud Security Engineer (Automation & Tooling) in London employer: Deepstreamtech
At Engine by Starling, we pride ourselves on fostering a dynamic work culture that prioritises innovation and collaboration. As a Senior Cloud Security Engineer, you will not only tackle complex security challenges but also have access to continuous learning opportunities and cutting-edge technology in a supportive environment. Our commitment to a 'security-first' mindset ensures that your contributions will have a meaningful impact on our core banking platform, all while enjoying the benefits of working in a forward-thinking company located in a vibrant tech hub.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cloud Security Engineer (Automation & Tooling) in London
✨Tip Number 1
Network, network, network! Get out there and connect with folks in the industry. Attend meetups, webinars, or even online forums. The more people you know, the better your chances of landing that dream job.
✨Tip Number 2
Show off your skills! Create a GitHub repository showcasing your projects, especially those related to cloud security and automation. This is your chance to demonstrate your coding prowess and problem-solving abilities.
✨Tip Number 3
Prepare for interviews by brushing up on common cloud security scenarios and coding challenges. Practice explaining your thought process clearly, as communication is key in technical roles like this one.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace Senior Cloud Security Engineer (Automation & Tooling) in London
Some tips for your application 🫡
Show Off Your Skills:Make sure to highlight your programming skills, especially in Go or Python. We want to see how you can apply your coding expertise to tackle security challenges, so don’t hold back!
Tailor Your Application:Take a moment to customise your application for the role. Mention specific experiences that align with our focus on cloud security and automation. This shows us you’re genuinely interested in the position.
Be Authentic:Let your personality shine through! We value a 'security-first' mindset, so share your passion for security and how it drives your work. Authenticity goes a long way in making your application stand out.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Deepstreamtech
✨Know Your Tech Stack
Make sure you’re well-versed in the technologies mentioned in the job description, especially Go and Terraform. Brush up on your knowledge of AWS and GCP security practices, as well as Kubernetes security nuances. Being able to discuss these topics confidently will show that you're serious about the role.
✨Showcase Your Builder Mindset
Prepare examples of how you've automated processes or solved security challenges through code. Highlight any projects where you’ve implemented security measures or built tools that improved efficiency. This will demonstrate your proactive approach and alignment with their 'security as a first-class engineering discipline' philosophy.
✨Understand Compliance as Code
Familiarise yourself with compliance frameworks like SOC 2 and ISO 27001. Be ready to discuss how you can bridge technical execution with regulatory requirements. If you have experience building automated systems for compliance, share those stories to illustrate your capability in this area.
✨Engage with the Team's Vision
Research Engine by Starling and understand their mission and values. Be prepared to discuss how you can contribute to their goal of integrating security into every technical process. Showing that you resonate with their vision will help you stand out as a candidate who is not just looking for a job, but is genuinely interested in being part of their team.
