Senior Cloud Security Engineer, London/Bristol

Company: Jobtailor
Apply for the Senior Cloud Security Engineer, London/Bristol
Location: London
Job Description:

Responsibilities

  • Champion integration of security testing into CI/CD pipelines across all development teams and usage of automated security gates: SAST, DAST, dependency scanning, secrets detection
  • Enable self-serve security tooling for development teams
  • Ability to set up development environment
  • Own cloud security posture management using Wiz (or similar CSPM)
  • Define and enforce cloud security baselines, guardrails, and policies in AWS
  • Implement and maintain IaC security scanning for Terraform
  • Manage IAM policies, network segmentation, and secrets management
  • Configure and tune SIEM (or similar) for cloud-focused detection
  • Establish logging, monitoring, and alerting requirements based on threat modelling
  • Investigate and respond to cloud security events
  • Identify, articulate, and escalate security risks to senior leadership with mitigation plans
  • Track and remediate vulnerabilities across infrastructure
  • Manage customer initiatives related to due diligence when required
  • Support and develop annual programme of Penetration Testing and associated remediations
  • Partner with internal and stakeholder management to support any requirements from the security function – particularly governance and accreditation requirements across different countries
  • Provide expertise on emerging threats and vulnerabilities
  • Support response to customer/client due diligence requests with timely and accurate information regarding vulnerability exposure

Requirements

  • Proven experience in application security, DevSecOps, or cloud security
  • Strong understanding of cloud networking
  • Experience securing cloud environments (AWS, Azure)
  • Ability to read and write IAC (Terraform) code, comfortable with IAC lifecycles
  • Familiarity with container security and Kubernetes
  • Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management
  • Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis
  • Understanding of managing Secure Development Lifecycle and Vulnerability Management
  • Understanding and practical experience of ISO27001:2022 controls and audit processes

#J-18808-Ljbffr…

Posted: July 11th, 2026