Cloud Security Engineer - Sunderland (Hybrid)

tombola Sunderland, England, United Kingdom

Join to apply for the Cloud Security Engineer - Sunderland (Hybrid) role at tombola

tombola Sunderland, England, United Kingdom

3 days ago Be among the first 25 applicants

Join to apply for the Cloud Security Engineer - Sunderland (Hybrid) role at tombola

Ready to be our next Cloud Security Engineer? We're on the lookout for a tech whiz to join our brilliant team in Sunderland and help us keep things super secure for our players and our business. If you're passionate about cloud security and love a challenge, you're in the right place!

Cloud Security Engineer

At tombola, we take security seriously – but we also like to have a bit of fun while we're at it! As our Cloud Security Engineer, you'll be building on our existing operational security, with a special focus on protecting our cloud infrastructure. You'll be hands-on, designing, implementing, and managing top-notch security solutions across all our cloud environments.

You'll also play a key part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management – keeping us one step ahead!

What you'll be doing:

• Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations Centre (SOC) capabilities for the business.
• Driving Automation: You'll push for security automation wherever possible and play a big part in evolving our security tooling and services.
• Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines.
• Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats.
• Incident Response: You'll actively monitor for security incidents and jump into action with our incident response teams to contain, investigate, and prevent future security hiccups.
• Defining Controls: You'll help define our operational security requirements and put the right controls in place to keep security risks at bay, all while sticking to regulations and industry best practices.
• Collaboration: You'll work hand-in-hand with our Infrastructure, Platform, and IT Services teams, making the most of a SecOps approach.
• Mentoring: You'll provide guidance and support to less experienced team members, helping them grow.
• Data Loss Prevention (DLP): You'll monitor, maintain, and enhance our DLP controls across email, endpoints, and cloud services.
• Data-Centric Security: You'll champion a data-centric security approach, making sure data classification, handling, and protection are embedded from design to deployment.
• Zero Trust: You'll promote and support Zero Trust Architecture principles, continuously verifying identities, devices, and access requests.
• Security Awareness: You'll develop and maintain internal security awareness materials to educate our staff on evolving threats.
• Attack Simulation: You'll contribute to planning and delivering attack simulation training (like phishing campaigns) to boost user resilience.
• Flutter Collaboration: You'll liaise with other Flutter brands, ensuring our security approaches and technology align.
• Cloud Security Integration: You'll work with development, DevOps, and cloud engineering teams to embed cloud security controls into our CI/CD workflows and infrastructure-as-code.
• Cloud Security Posture: You'll utilise cloud-native and third-party security tools to keep an eye on our cloud security posture and ensure we're always aligned with best practices.
  
  

• Hands-on technical experience supporting security solutions on cloud technology platforms (preferably AWS, including EC2, VPC, IAM, S3, Control Tower, Config, Security Hub) and traditional on-premise environments.
• Awareness of how to secure a mix of Linux, Windows, Apple & Android OS.
• Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre.
• Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR.
• Experience operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling.
• Ability to use PowerShell and Python scripting for security automation.
• Experience working in or with agile and/or SecOps oriented teams.
• A proven track record of analysing security requirements and applying architectural best practices.
• Previous work experience in an IT, InfoSec, or system administration role.
• Commercial awareness and the ability to balance security needs with operational flexibility.
• Confidence in promoting security best practices across all business levels.
  
  

• Professional qualifications like CompTIA Security+ or AWS certifications.
• Experience contributing to the security architecture and design of cloud-native solutions, including secure workload deployment, cloud network segmentation, and IAM strategies within AWS.
• Proficiency in implementing and managing Cloud Security Posture Management (CSPM) tools.
• Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines.
• Working knowledge of DevSecOps methodologies.
• Ability to contribute to cloud solution threat modelling and secure design reviews.
  
  

• Passion! You're genuinely passionate about your career path and love what you do.
• Communication skills. You can express your ideas clearly, whether you're chatting with technical gurus or non-technical colleagues.
• A desire to learn. We're all about continuous improvement, and we want people who want to improve themselves too.
• Confidence to suggest improvements. Got a brilliant idea? We want to hear it! We're always looking to do things better.
• Highly motivated with a "can do" attitude and the ability to use your own initiative.
• A "down to earth" working style.
• A spirit of fun and engagement!
  
  

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  IT Services and IT Consulting

Referrals increase your chances of interviewing at tombola by 2x

Get notified about new Security Engineer jobs in Sunderland, England, United Kingdom.

Durham, England, United Kingdom 2 weeks ago

Durham, England, United Kingdom 2 months ago

Tyne And Wear, England, United Kingdom 2 months ago

Wideopen, England, United Kingdom 1 day ago

Newcastle Upon Tyne, England, United Kingdom 2 months ago

Newcastle Upon Tyne, England, United Kingdom 2 weeks ago

Newcastle Upon Tyne, England, United Kingdom 2 weeks ago

Middlesbrough, England, United Kingdom £25,000.00-£34,000.00 1 day ago

Newcastle Upon Tyne, England, United Kingdom 3 weeks ago

Sunderland, England, United Kingdom 1 month ago

Newcastle Upon Tyne, England, United Kingdom 1 month ago

Newcastle Upon Tyne, England, United Kingdom 2 weeks ago

Newcastle Upon Tyne, England, United Kingdom 1 week ago

Middlesbrough, England, United Kingdom 1 week ago

Newcastle Upon Tyne, England, United Kingdom 1 month ago

Wideopen, England, United Kingdom 1 month ago

Newcastle Upon Tyne, England, United Kingdom 1 week ago

Newcastle Upon Tyne, England, United Kingdom 1 month ago

Newcastle Upon Tyne, England, United Kingdom 2 hours ago

Newcastle Upon Tyne, England, United Kingdom 4 days ago

Wideopen, England, United Kingdom 1 month ago

Middlesbrough, England, United Kingdom 1 week ago

Science Central, England, United Kingdom 3 hours ago

Newcastle Upon Tyne, England, United Kingdom 4 days ago

Newcastle Upon Tyne, England, United Kingdom 1 week ago

County Durham, England, United Kingdom £34,000.00-£36,000.00 1 day ago

Tyne And Wear, England, United Kingdom 6 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.