Senior Security Engineer
Cloud Security - IAC, Python, Cloud (AWS/AZURE/GCP), Cloud Security
Permanent
2 days in London
£70,000 - £95,000 per year (depending on experience)
Key Responsibilities:
Key Skills and Qualifications:
Cloud Security - IAC, Python, Cloud (AWS/AZURE/GCP), Cloud Security
Permanent
2 days in London
£70,000 - £95,000 per year (depending on experience)
Key Responsibilities:
- Design and implement secure cloud architectures (AWS, Azure, GCP) that meet business and compliance requirements.
- Develop and enforce security policies, standards, and best practices for cloud environments.
- Create and manage IAC scripts using tools such as Terraform, CloudFormation, or similar.
- Ensure security is integrated into IAC processes, enabling automated and secure infrastructure deployment.
- Embed security into the CI/CD pipeline to ensure secure software development practices.
- Collaborate with DevOps and development teams to implement and maintain security automation and monitoring.
- Develop and manage cloud security monitoring tools and systems to detect and respond to security incidents.
- Conduct regular security assessments, vulnerability scans, and penetration tests on cloud environments.
- Ensure compliance with industry standards and regulations (e.g., GDPR, HIPAA, PCI-DSS).
- Maintain and update security documentation, policies, and procedures.
- Provide training and guidance to junior engineers and other team members on cloud security best practices.
- Stay updated with the latest security trends, tools, and technologies, and share knowledge within the team.
Key Skills and Qualifications:
- Proficiency in cloud platforms such as AWS, Azure, and Google Cloud Platform.
- Strong programming skills in Python for scripting and automation.
- Expertise in Infrastructure as Code (IAC) using tools like Terraform, CloudFormation, Ansible, or similar.
- Deep understanding of DevSecOps principles and experience with CI/CD pipelines.
- Familiarity with security tools and technologies such as SIEM, IDS/IPS, firewalls, and encryption protocols.
- In-depth knowledge of cloud security frameworks and best practices.
- Experience with security risk assessments, threat modelling, and vulnerability management.
- Strong understanding of network security, identity and access management, and data protection strategies.