Cloud Security Engineer. in London

The successful candidate will be a subject matter expert with hands-on experience in a wide range of cloud technologies, tools and methodologies. The role is suited for an experienced Cloud Engineer with a focus on Google Cloud Platform. The candidate must have a proven understanding of enterprise security and will focus on building toolsets and processes to support the Information Security Program (ISP). The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment, and securing the Firm from external and internal threats is a top priority.

Principal Responsibilities

• Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and for Millennium’s Google Cloud Platform (GCP) efforts.
• Able to demonstrate a clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels.
• Ability to conduct Red Team security testing tasks in GCP to continuously assess security posture in the GCP platform.
• Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for the GCP platform.
• Provide security consultancy and engineering support for cloud security solutions including analysis and development of Google and other security solutions.
• Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
• Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
• Support the development and delivery of a comprehensive ISP for the entire organization.
• Actively monitor new and emerging cloud security technologies, trends, issues, and solutions and assess their applicability to MLP’s cloud strategy.
• Perform periodic and on-demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities.
• Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
• Manage remediation efforts for any gaps reported in audits or recommended process improvements.
• Collaborate with IT management, Legal, Human Resources and Compliance departments to manage security vulnerabilities and investigations.
• Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production.
• Liaison with key stakeholders to create and enforce policy including Technology organization, Trading units, Legal, Internal Audit, and Compliance.
• Lead the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies.
• Develop and maintain documentation of all Security products including specific tools, technologies and processes.

Qualifications/Skills Required

• Bachelor’s degree in Computer Science or Engineering preferred.
• 3+ years experience focusing on Information Security in the financial industry (preferred).
• Solid understanding of GCP security controls and best practices to secure cloud resources in a hybrid environment. Knowledge of VPC Service Controls is a plus.
• Deep expertise with Identity and Access Management (IAM) in GCP, including but not limited to Workload Identity Federation, IAM role usage analysis, Organizational Constraints, Cloud Identity, etc.
• Proficiency in software development and scripting in Python is required.
• Hands-on experience in building security guardrails in GCP to allow for innovation without compromising security posture.
• Demonstrated expertise in Infrastructure as Code tooling using Terraform.
• Strong knowledge and experience in a variety of technologies including UNIX, Networking, Databases, and Storage.
• Strong knowledge of Information security controls.
• Knowledge of software development security and cryptography, AI security.
• Possess a passion for Information Security and Technology.
• Able to prioritise in a fast-moving, high-pressure, constantly changing environment.
• An aptitude for critical thinking and problem solving.
• Ability to communicate and collaborate across teams.
• Comfortable working with a geographically dispersed team.
• CISSP/CCSK or GCP security related certifications is a plus.