Senior Security Engineer
Envitia
full-time
Posted on:
Location Type: Hybrid
Location: Corsham • United Kingdom
Visit company websiteExplore more
Job Level
About the role
- Provide security engineering services as a member of the overall platform engineering service team
- Secure all cloud infrastructure from both a deployment and detection standpoint
- Coordinate and advise other team members on security approaches and industry best practices
- Coordinate with MOD Security Authorities on risks and appropriate technical control options
- Design, implement, manage and continually improve service-wide cloud security controls using the inherent / new security products and features provided on the existing hosting platform(S)
- Architect and enforce Zero Trust and least-privilege models (RBAC, PBAC), restrictions, and platform security controls
- Monitor security control effectiveness and drive continuous improvement of cloud hosting security governance
- Ensure all technical security measures from the boundary to the tenant applications are optimal and exceed the MOD specified minimum base security requirements
Requirements
- Experience with on-premises Security Information and Event Management (SIEM) systems (e.g., Fortinet, Splunk, Elastic)
- Ability to enhance, operate, and manage SIEM services for multi-tenant cloud platforms
- Skills in event triage, escalation, and incident investigation, including collaboration with tenants and central SOC teams
- Familiarity with real-time threat detection, monitoring, and alerting across network, boundary, hosting, and application layers
- Hands-on experience with VMware Cloud Foundation (Incl. Aria operations and NSX-T) and related technologies in air-gapped or restricted environments
- Security best practices, system and OS level security hardening (CISCAT, NIST benchmarking etc) security vulnerability scanning tools such as Nessus
- Experience with infrastructure as code (IaC) tools (e.g., Terraform, Ansible, Packer) and containerization (e.g., Kubernetes, Tanzu) is desirable
- Ability to assist with Business Continuity Planning, Risk and Asset management and AI Security is desirable
- Understanding of MOD security compliance, including UK Security Levels, Secure by Design and NIST frameworks
- Experience in delivering and supporting accredited solutions at multiple classification levels
- CI/CD pipeline security and DevSecOps methodologies
- The successful candidate must be eligible to obtain and maintain a SC level security clearance, DV clearance is preferred.
Benefits
- Annual Leave: 25 days plus your birthday off, with the ability to buy or sell up to five additional days
- Private Healthcare: Comprehensive coverage with additional options for family members
- Training & Skills Development: Ongoing learning opportunities to help you advance your career
- Fitness Reimbursement: Support for gym memberships or fitness-related expenses
- Life Assurance: Extensive life insurance coverage for peace of mind
- Pension Contribution: Competitive options to help you plan for a secure financial future
- Perkbox Subscription: Discounts on a wide range of products and services
- Flexible Work Arrangements: Designed to support work-life balance and personal commitments
- Internal Reward Schemes: Recognition initiatives to celebrate your contributions and achievements
- Community Engagement & Volunteering: Opportunities to support meaningful causes through company-sponsored programs
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
security engineeringcloud securityZero Trustleast-privilege modelsevent triageincident investigationinfrastructure as codeCI/CD pipeline securityDevSecOps methodologiessecurity vulnerability scanning
Soft Skills
collaborationadvisingcontinuous improvementmonitoringrisk managementcommunicationcoordinationproblem-solvingteamworkleadership
Certifications
SC level security clearanceDV clearance