Cloud Security Engineer

Cloud Security Engineer – Platform Operations Team

The Role

As a Cloud Security Engineer within the Platform Operations team, you will play a critical role in securing, monitoring, and continuously improving the organisation’s cloud platform. You will focus on embedding security into platform operations through automation, policy enforcement, threat detection, and incident response.

You will work as part of an agile operations-focused team responsible for maintaining a secure, compliant, and resilient cloud environment. This includes implementing security controls, responding to security events, and ensuring ongoing operational integrity of cloud services.

This role is hands-on and highly collaborative — working closely with Platform Engineering, Platform Design, and the Platform tooling squads to ensure that security is embedded across the full cloud lifecycle, from design through to operations.

You will contribute to the organisation’s cloud transformation by safeguarding platform services and enabling secure, scalable, and compliant cloud adoption.

Key Responsibilities

Security Engineering & Operations

• Implement, configure, and maintain cloud-native security services (e.g., IAM, security groups, WAF, encryption, key management).
• Operate and enhance security tooling such as CSPM, CWPP, SIEM, and vulnerability management platforms.
• Monitor cloud environments for security threats, anomalies, and misconfigurations, responding to alerts in a timely manner.
• Perform security incident triage, investigation, and root cause analysis.
• Develop and maintain automated security controls using Infrastructure as Code (IaC) and policy-as-code frameworks.
• Support secure configuration and hardening of cloud resources and platform services.
• Work with Platform Operations to ensure secure day-to-day running of cloud environments.

Security, Compliance & Governance

• Enforce cloud security standards, baselines, and guardrails aligned with organisational policies.
• Support compliance initiatives (e.g., ISO 27001, NIST, CIS benchmarks) through continuous control validation.
• Conduct regular security assessments, vulnerability scans, and remediation tracking.
• Ensure audit readiness through proper logging, monitoring, and evidence collection.
• Collaborate with the Platform tooling squad to align with governance, risk, and FinOps practices.
• Promote least privilege access and strong identity and access management controls.

Collaboration & Incident Response

• Work closely with Platform Engineering to embed security into CI/CD pipelines and IaC templates.
• Partner with Platform Design to ensure security-by-design principles are applied to architecture.
• Participate in incident response processes, including on-call rotations if required.
• Contribute to post-incident reviews and continuous improvement of detection and response capabilities.
• Provide security guidance and support to engineering and application teams.

Automation & Continuous Improvement

• Identify opportunities to automate security processes, controls, and remediation activities.
• Develop reusable security modules, scripts, and playbooks.
• Continuously improve monitoring, alerting, and response capabilities.
• Stay current with emerging cloud security threats, vulnerabilities, and best practices.
• Contribute to internal security standards, documentation, and knowledge sharing.

The Person

Experience

• 3-5 years’ experience in cloud security, security engineering, or cloud operations roles.
• Hands-on experience with cloud platforms (AWS, Azure, or GCP), particularly security services.
• Experience with Infrastructure as Code tools (e.g., Terraform, CloudFormation, Bicep) in a security context.
• Familiarity with security tooling such as SIEM, CSPM, vulnerability scanners, or endpoint protection platforms.
• Understanding of identity and access management, network security, encryption, and secure cloud architecture.
• Experience with monitoring, logging, and incident response processes.
• Knowledge of scripting or automation (Python, PowerShell, Bash).
• Relevant certifications (preferred): AWS Security Specialty, Azure Security Engineer Associate, or similar.

Skills & Attributes

• Strong security mindset with attention to detail and risk awareness.
• Analytical thinker with strong problem-solving and incident investigation skills.
• Collaborative team player with the ability to influence and guide others on security best practices.
• Proactive and curious — stays up to date with evolving threats and technologies.
• Passionate about automation, security engineering, and cloud best practices.
• Organised and self-motivated, comfortable working in a fast-paced operational environment.

Reporting Line

Reports to: Platform Operations Lead
Works closely with: Platform Engineering, Platform Design, Platform Tooling, and Organisation security teams.

Career Path

This role provides a development pathway toward Senior Cloud Security Engineer, Cloud Security Architect, or Security Operations Lead, with opportunities to deepen expertise in cloud security architecture, threat detection and response, and security strategy.