Cloud Security Engineer

Reapit is the original end-to-end business technology provider for estate agencies of all sizes. We’ve been helping sales and lettings agents build relationships and grow their businesses for more than 25 years. Our technology empowers property professionals across Europe, the Middle East, Australia, and New Zealand to work with buyers, sellers, tenants, and landlords to deliver a dream home experience. Worldwide, over 78,000 agents across more than 15,000 branches use Reapit to run their businesses, manage properties, collect rent, engage clients, and provide outstanding customer service every time.

What you’ll be doing:

• Reporting directly to the CISO, you’ll play a critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands-on security engineering, deep incident response, proactive threat detection, and collaboration with global teams.

Security Engineering & Cloud Security:

• Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams.
• Conduct ongoing security assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and recommend remediation.
• Implement and maintain cloud security controls aligned to ISO 27001, NIST and cloud security best practices.
• Develop security automation tooling, scripts, and infrastructure as code processes to streamline security operations.
• Take ownership of security engineering projects, delivering them end to end with strong attention to detail and high-quality documentation.
• Work in a self-managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision.
• Respond to SOC alerts for our outsourced SOC.
• Lead and participate in global incident response activities, including investigation, containment, eradication, and recovery.
• Perform advanced log analysis, digital forensics, and threat validation using AWS native and third-party tooling.
• Monitor AWS/Azure and application security alerts, responding quickly and decisively.
• Participate in out of hours when required (Time in Lieu given), including early morning collaboration with Australia-based teams and responding to major incidents.
• Document all incident activity clearly and thoroughly in tickets, knowledge bases, and post-incident reports.
• Carry out threat models and review log ingestion and alerting with the SOC.

Security Collaboration & Enablement:

• Provide expert guidance and mentorship to development, engineering and operations teams.
• Collaborate across multiple time zones, contributing proactively and reliably to global security initiatives.
• Stay ahead of emerging cloud threats, AWS security tooling, and defensive techniques, champion their adoption across the organisation.
• Produce clear, detailed, and structured documentation for tickets, processes, runbooks, and security standards.

Who we’re looking for:

• Minimum 3 years’ hands-on experience in cloud security or security engineering within an AWS focused DevOps environment.
• Strong technical proficiency across AWS services including IAM, VPC, EC2, S3, RDS, Lambda, and core networking concepts.
• Deep, practical experience in incident response, including digital forensics, log analysis, threat detection, and handling security incidents end to end.
• Experience with AWS security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, and related cloud native controls.
• Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform.
• Solid understanding of ISO 27001, NIST CSF, and cloud security best practices.
• Familiarity with commonly used open-source security testing tools (e.g., BurpSuite, ZAP, Nikto, Metasploit, SQLmap).
• Highly self-managing, able to take ownership of work, prioritise effectively, and drive tasks to completion with minimal oversight.
• Proactive in identifying security gaps, recommending improvements, and staying ahead of emerging threats.
• Strong attention to detail, especially in technical execution, documentation, and ticketing.
• Excellent communication skills, able to work with both technical and non-technical teams across multiple time zones.
• Comfortable participating in out of hours incident response when required.
• AWS Certified Security – Specialty.
• Exposure to threat intelligence, cloud forensics, or advanced SOC workflows.
• Experience working in a global or distributed security team.

What your impact and success looks like:

• Within 1 month: Familiarity with Company Policies and Security Infrastructure, Familiarity with AWS Security Best Practices and the business Setup.
• Within 3 months: Security Incident Handling and Remediation, Security Automation and Tooling, Security Compliance and Auditing, Collaboration with Development Teams.
• Within 6 months: Threat Modelling and Risk Assessment, Security Incident Management.

What’s in it for you?

We operate a Flexible Working Policy and we would like for you to work from our London office, 2 days a week. We’re offering the chance to really make a difference here at Reapit and the opportunity for personal growth is very real.

We care about our industry and want it to become a more inclusive and diverse place to work. So, we’re driven by hiring not only by experience and relevance for the role but by sharing our values and the right attitudes and behaviours for success. We are committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all. We feel we have an empowering environment where everyone is supported and respected, and we want you to feel this too. We welcome new ideas, thinking and approaches, whilst listening to all our employees.