Cloud Security Engineer

Looking for a seasoned Cloud Security Engineer to join a vibrant team in the financial services industry. The ideal candidate will be essential in safeguarding the security, confidentiality, integrity, and availability of cloud infrastructure. This position requires the design, implementation, and maintenance of cloud security solutions that adhere to industry regulations and best practices, while ensuring the protection of sensitive financial data.

Client Details

Our client is a FinTech organisation based in Central London

Description

This role requires for a seasoned Cloud Security Engineer to join a vibrant team in the financial services industry. The ideal candidate will be essential in safeguarding the security, confidentiality, integrity, and availability of cloud infrastructure. This position requires the design, implementation, and maintenance of cloud security solutions that adhere to industry regulations and best practices, while ensuring the protection of sensitive financial data.

Key Responsibilities:

1) Cloud Security Strategy & Architecture:

• Design and implement secure cloud architectures in multi-cloud environments (e.g., AWS, Azure, Google Cloud).
• Develop and enforce security standards, policies, and procedures for cloud environments.
• Evaluate and integrate cloud security technologies, such as CASB, CSPM, CWPP, and others.

2) Security Operations:

• Monitor cloud infrastructure for security breaches and respond to incidents promptly.
• Implement and manage security tools for threat detection, vulnerability management, and encryption.
• Conduct regular security assessments, including penetration testing, vulnerability scanning, and cloud configuration reviews.

3) Compliance & Risk Management:

• Ensure compliance with industry regulations (e.g., PCI-DSS, GDPR, SOX) and internal security policies.
• Perform risk assessments to identify and mitigate potential security threats to cloud environments.
• Collaborate with audit teams to ensure the cloud environment meets all regulatory and security standards.

4) Collaboration & Stakeholder Engagement:

• Work closely with DevOps, IT, and application development teams to integrate security best practices into the CI/CD pipeline.
• Provide guidance and training on cloud security best practices to internal teams and stakeholders.
• Liaise with external vendors, partners, and regulators to ensure the alignment of cloud security initiatives.

5) Incident Response & Forensics:

• Develop and maintain incident response plans for cloud environments.
• Lead investigations into security incidents involving cloud infrastructure, coordinating with relevant teams for remediation.
• Perform forensic analysis to identify root causes of security breaches and recommend improvements.

6) Innovation & Continuous Improvement:

• Stay updated on the latest cloud security trends, threats, and technologies.
• Propose and implement innovative solutions to enhance the security posture of the organization's cloud environments.
• Participate in continuous improvement initiatives related to cloud security processes and technologies.

Required Experience:

• 5+ years of experience in cloud security, preferably in the financial services industry.
• Hands-on experience with cloud platforms such as AWS, Azure, and Google Cloud.
• 2+ years proven experience with Terraform or similar IaC language
• 2+ years proven experience in implementing and managing cloud security controls and technologies.
• 2+ years proven Azure security expertise and ability to deploy Azure Policies, blueprints and alike.
• 2+ years Advanced Kubernetes security knowledge and CI/CD security knowledge.

Profile

The successful Cloud Security Engineer will have exposure to the following:

Technical Skills:

• In-depth knowledge of cloud security architecture, best practices, and frameworks (e.g., NIST, CSA, CIS).
• Experience with security automation, orchestration, and DevSecOps practices.
• Proficiency in scripting and programming languages (e.g., Python, PowerShell, Bash) for security automation.
• Strong understanding of encryption technologies, identity and access management (IAM), and network security in cloud environments.
• Familiarity with compliance frameworks applicable to the financial services industry (e.g., PCI-DSS, SOX).

Soft Skills:

• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to convey complex security concepts to technical and non-technical audiences.
• Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:

• Experience with cloudnative security services (e.g., AWS Shield, Azure Security Center).
• Knowledge of financial industry regulations and standards.
• Experience with Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
• Prior experience in conducting or managing cloud security audits

Job Offer

This role is offering up to £90,000 per annum for the ideal candidate. Plus Pension, Bonus and Share Options.

This role requires 1 day on site per week based in Central London.

This is a 3 stage interview process via teams.