FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Senior Cloud Security Engineer, London/Bristol
HealthHeroSenior Cloud Security Engineer responsible for cloud security posture in an AI-driven healthcare company. Collaborating with teams and integrating security within cloud environments (AWS, Azure).
Tech Stack
Tools & technologiesAWSAzureCloudKubernetesTerraform
About the role
Key responsibilities & impact- Champion integration of security testing into CI/CD pipelines across all development teams and usage of automated security gates: SAST, DAST, dependency scanning, secrets detection
- Enable self-serve security tooling for development teams
- Ability to set up development environment
- Own cloud security posture management using Wiz (or similar CSPM)
- Define and enforce cloud security baselines, guardrails, and policies in AWS
- Implement and maintain IaC security scanning for Terraform
- Manage IAM policies, network segmentation, and secrets management
- Configure and tune SIEM (or similar) for cloud-focused detection
- Establish logging, monitoring, and alerting requirements based on threat modelling
- Investigate and respond to cloud security events
- Identify, articulate, and escalate security risks to senior leadership with mitigation plans
- Track and remediate vulnerabilities across infrastructure
- Manage customer initiatives related to due diligence when required
- Support and develop annual programme of Penetration Testing and associated remediations
- Partner with internal and stakeholder management to support any requirements from the security function - particularly governance and accreditation requirements across different countries
- Provide expertise on emerging threats and vulnerabilities
- Support response to customer/client due diligence requests with timely and accurate information regarding vulnerability exposure
Requirements
What you’ll need- Proven experience in application security, DevSecOps, or cloud security
- Strong understanding of cloud networking
- Experience securing cloud environments (AWS, Azure)
- Ability to read and write IAC (Terraform) code, comfortable with IAC lifecycles
- Familiarity with container security and Kubernetes
- Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management
- Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis
- Understanding of managing Secure Development Lifecycle and Vulnerability Management.
- Understanding and practical experience of ISO27001:2022 controls and audit processes
Benefits
Comp & perks- A full induction training programme, which will be undertaken via Microsoft Teams.
- An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic.
- 25 days leave.
- Bank Holidays and your birthday off as leave.
- Regular 1-2-1s with your line Manager.
- 24/7 on-call staff support.
- Auto-enrolment pension scheme.
- Health Scheme and access to our Employee Assistance Programme.
- Life Insurance Scheme.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SASTDASTdependency scanningsecrets detectioncloud security posture managementIaC security scanningIAM policiesnetwork segmentationvulnerability managementpenetration testing
Soft Skills
stakeholder managementcommunicationrisk analysisproblem-solvingleadership
Certifications
ISO27001:2022