Senior Cloud Security Engineer in London

Reapit is the original end-to-end business technology provider for estate agencies of all sizes. We’ve been helping sales and lettings agents build relationships and grow their businesses for more than 25 years. Our technology empowers property professionals across Europe, the Middle East, Australia, and New Zealand to work with buyers, sellers, tenants, and landlords to deliver a dream home experience. Worldwide, over 78,000 agents across more than 15,000 branches use Reapit to run their businesses, manage properties, collect rent, engage clients, and provide outstanding customer service every time.

What you’ll be doing

• Reporting directly to the CISO, you’ll play a critical role in strengthening and maturing Reapit’s cloud security posture.
• Your work will span hands-on security engineering, deep incident response, proactive threat detection, and collaboration with global teams.
• Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams.
• Conduct ongoing security assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and recommend remediation.
• Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices.
• Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat.
• Develop security automation tooling, scripts, and infrastructure as code processes to streamline security operations.
• Take ownership of security engineering projects, delivering them end to end with strong attention to detail and high-quality documentation.
• Work in a self-managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision.
• Respond to SOC alerts.
• Working with our outsourced SOC, lead and participate in global incident response activities, including investigation, containment, eradication, and recovery.
• Perform advanced log analysis, digital forensics, and threat validation using AWS native and third-party tooling.
• Monitor AWS and application security alerts, responding quickly and decisively.
• Participate in out of hours when required (time in lieu given), including early morning collaboration with Australia-based teams and responding to major incidents.
• Document all incident activity clearly and thoroughly in tickets, knowledge bases, and post-incident reports.
• Carry out threat models and review log ingestion and alerting with the SOC.

Security Collaboration & Enablement

• Provide expert guidance and mentorship to development, engineering and operations teams.
• Lead the standups and provide guidance to team members.
• Collaborate across multiple time zones, contributing proactively and reliably to global security initiatives.
• Stay ahead of emerging cloud threats, AWS security tooling, and defensive techniques; champion their adoption across the organisation.
• Produce clear, detailed, and structured documentation for tickets, processes, runbooks, and security standards.

Who we're looking for

• Minimum 5 years’ hands-on experience in cloud security or security engineering within an AWS focused DevOps environment.
• Strong technical proficiency across multiple cloud services including IAM, VPC, EC2, S3, RDS, Lambda, Entra ID, Azure Front Door, Azure Functions, Azure Monitor and core networking concepts.
• Deep, practical experience in incident response, including digital forensics, log analysis, threat detection, and handling security incidents end to end.
• Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls.
• Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform.
• Solid understanding of ISO 27001, NIST CSF, and cloud security best practices.
• Familiarity with commonly used open-source security testing tools (e.g., BurpSuite, ZAP, Nikto, Metasploit, SQLmap).
• Highly self-managing, able to take ownership of work, prioritise effectively, and drive tasks to completion with minimal oversight.
• Proactive in identifying security gaps, recommending improvements, and staying ahead of emerging threats.
• Strong attention to detail, especially in technical execution, documentation, and ticketing.
• Excellent communication skills, able to work with both technical and non-technical teams across multiple time zones.
• Comfortable participating in out of hours incident response when required.
• Exposure to threat intelligence, cloud forensics, or advanced SOC workflows.
• Experience working in a global or distributed security team.

What your impact and success looks like

• Within 1 month: Familiarity with Company Policies and Security Infrastructure, Familiarity with AWS/Azure Security Best Practices and the business Setup, Integration into DevOps Workflow for UK.
• Within 3 months: Familiarity with Company Policies and Security Infrastructure, Familiarity with AWS/Azure Security Best Practices and the business Setup, Integration into DevOps Workflow for UK.
• Within 6 months: Security Incident Management, Integration into DevOps Workflow for EMEA/ANZ, Complete SOAR implementation.

What’s in it for you?

We operate a Flexible Working Policy and we would like for you to work from our London or Solihull office, 2 days a week. We’re offering the chance to really make a difference here at Reapit and the opportunity for personal growth is very real. You’ll feel part of a special team.

We care about our industry and want it to become a more inclusive and diverse place to work. So, we’re driven by hiring not only by experience and relevance for the role but by sharing our values and the right attitudes and behaviours for success. We are committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all. We feel we have an empowering environment where everyone is supported and respected, and we want you to feel this too. We welcome new ideas, thinking and approaches, whilst listening to all our employees.