Cloud Security Engineer

We are seeking a talented individual to join our Information Security team in Liverpool as an Azure-focused Cloud Security Engineer. The Group Information Security function is a dynamic and highly motivated team committed to ensuring that S&W is organizationally and technically secure in a fast-evolving environment with substantial critical assets, systems, and sensitive data to protect across multiple locations.

1. Managing, implementing, and maintaining technical security controls for IAAS, PAAS, and SAAS services supporting various financial and professional services.
2. Building and enhancing capabilities around M365 with E5 licensing, ensuring full utilization and correct configuration of security features.
3. Reviewing and improving technical controls across cloud platforms, including Microsoft Azure and Azure AD.
4. Implementing and reviewing security controls in Azure IAAS environments, ensuring controls are effective and up-to-date.
5. Conducting risk analysis and designing end-to-end security controls for new cloud-based services.
6. Supporting agile project management and squad-based delivery models.
7. Interpreting technical details to identify security gaps and working with change teams to develop secure solutions.
8. Configuring and operating secure cloud networks, load balancers, firewalls, and edge protections.
9. Designing enhancements to cloud security strategies and alerting on relevant events.
10. Defining detailed system security requirements, including encryption, key management, and IAAS design.
11. Implementing Azure security features, including DDoS protection and encryption, with monitoring controls.
12. Facilitating threat modeling exercises and staying updated on the latest cloud security risks and techniques.
13. Developing guidance to solve security issues and recommending enhancements to management.
14. Assisting with security product implementation and ensuring monitoring for breaches or intrusions.
15. Identifying stability concerns via vulnerability scans and impact analysis, developing remediation plans.
16. Focusing on visibility, compliance, and remediation in public cloud security.
17. Applying risk and compliance perspectives to security practices.
18. Maintaining industry contacts to stay informed on standards, technologies, and threats.

• Deep knowledge of Azure cloud platform.
• Experience managing and developing infrastructure in medium to large organizations.
• Azure security configuration, scripting skills, and certifications.
• Experience with network hardware like switches, routers, and domain controllers.
• Knowledge of compliance standards such as CIS, NIST, PCI-DSS, GDPR.
• Strong interpersonal, communication, and leadership skills.
• Ability to work collaboratively, solve problems, and manage risks effectively.

• Degree in Computer Systems, Solutions Infrastructure, or related field, or relevant cloud certifications.

• Competitive salary, private medical insurance, life assurance, pension, hybrid working, generous holidays, and more.

We value diversity and are committed to an inclusive environment. We accommodate needs throughout the application process upon request.