Cloud Security Engineer

Job Overview

The Ministry of Defence (MoD) seeks a Freelance Cloud Security Engineer with to support a critical digital and security transformation project at a secure UK MoD site.

The role focuses on designing, implementing, and maintaining secure cloud and hybrid IT environments to protect classified systems and ensure operational resilience.

The Cloud Security Engineer will work closely with the CIO, cybersecurity teams, and defence contractors to secure cloud infrastructure, integrate threat detection, and ensure compliance with MoD and NCSC standards, contributing to the broader goals of cybersecurity, infrastructure modernisation, and data governance.

• Secure cloud and hybrid IT systems against advanced threats, including APTs.
• Ensure compliance with HMG policies, JSP 440/604, ISO 27001, and NCSC Cloud Security Principles.
• Support digital transformation by enabling secure adoption of cloud technologies.
• Enhance operational continuity through robust cloud security measures.

• Design and implement secure cloud architectures (e.g., AWS, Azure, or government-approved platforms) for MoD systems.
• Configure and manage cloud security controls, including IAM, encryption, and network security groups.
• Conduct cloud-specific vulnerability assessments and penetration testing.
• Integrate threat intelligence and monitoring tools into cloud environments.
• Support incident response for cloud-based security incidents, collaborating with MoD's CSOC.
• Ensure cloud systems meet MoD accreditation and compliance requirements (JSP 440/604, NCSC).
• Implement zero-trust security models and secure DevOps practices in cloud deployments.
• Provide technical expertise to MoD teams on cloud security best practices.
• Document configurations, processes, and security controls for audit and compliance.

• Deploy and secure cloud infrastructure for mission-critical applications.
• Configure secure access controls and data encryption for cloud/hybrid systems.
• Perform regular security assessments to identify and mitigate cloud vulnerabilities.
• Integrate cloud systems with MoD's existing IT and cybersecurity frameworks.
• Support migration of legacy systems to secure cloud environments.

• Active DV clearance.
• 5+ years in cloud security or related cybersecurity roles.
• Expertise in securing cloud platforms (e.g., AWS, Azure, or similar) and hybrid IT environments.
• Knowledge of MoD/government security standards (JSP 440/604, NCSC Cloud Security Principles).
• Experience with cloud security tools (e.g., AWS Security Hub, Azure Sentinel, IAM, VPC).
• Certifications: AWS Certified Security, Azure Security Engineer, CCSP, or equivalent.
• Proven ability to work independently as a freelancer in high-security settings.

• Experience with MoD IT systems or defence contractor projects.
• Familiarity with zero-trust architectures, secure DevOps, or container security (e.g., Kubernetes).
• Knowledge of UK cyber legislation (e.g., Data Protection Act 2018, GDPR).

• Location: Secure MoD site, UK (some travel may be required).
• Engagement: Freelance contract, with flexible hours based on project needs.
• Hours: Full-time availability, with potential out-of-hours support for incidents.

Submit your CV