Senior Engineer, Cloud Security (Remote - UK)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Engineer, Cloud Security in United Kingdom.

This role offers a hands-on opportunity to design, secure, and optimize cloud infrastructure in a fast-growing technology environment. You will work across AWS and expanding GCP platforms, embedding security best practices into infrastructure and DevSecOps processes. Collaborating with engineering teams, you will influence security strategy, implement threat mitigation, and help define incident response procedures. This position requires both deep technical expertise and the ability to communicate security concepts to diverse stakeholders. You will participate in automation, monitoring, and continuous improvement initiatives while contributing to a highly collaborative and innovative culture. The role also includes troubleshooting, on-call responsibilities, and the chance to shape long-term security architecture.

• Define, improve, and maintain the overall cloud security posture across infrastructure, applications, and networks.
• Provide guidance on application, data, and network security to engineering teams, ensuring consistent adoption of policies and best practices.
• Automate secure deployment processes and embed security into DevSecOps workflows.
• Enhance monitoring and alerting systems with relevant security metrics and insights.
• Participate in on-call rotations and troubleshoot security-related incidents.
• Define, implement, and evolve Security Incident Response processes and policies, including regular testing and compliance checks.
• Collaborate with teams to assess threats, manage attack surfaces, and enforce secure cloud configurations.

• Minimum 3 years of experience in Cloud Infrastructure roles, predominantly AWS, with DevSecOps practices.
• Strong proficiency with AWS CLI/API and Infrastructure as Code using Terraform.
• Expertise in cloud security including threat assessment, data security, VPC, IGW, WAF, CloudFront, IAM policies, and trust policies.
• Knowledge of VPN, MFA, SAML, OAuth2, KMS, TLS, and identity provider frameworks (Okta, OneLogin, Auth0).
• Experience building, managing, and securing Docker containers and orchestrated environments.
• Familiarity with code security audits, static/dynamic analysis, and defensive programming practices.
• Programming or scripting experience in Python, Bash, Ruby, Node, Golang, or Java.
• Collaborative mindset with strong problem-solving and communication skills.

• AWS Certified Security Specialist.
• Hands-on experience with GCP security and cloud-native applications.
• Experience defining Security Incident Response processes and ISO27001 certification knowledge.
• Proficiency with monitoring and alerting tools such as Grafana, Prometheus, OpenSearch.
• Offensive or defensive penetration testing experience.

• Flexible working hours with remote work options.
• Competitive salary and comprehensive employment benefits.
• Professional development opportunities and support for continuous learning.
• Collaborative and innovative work environment with global exposure.
• Participation in shaping long-term cloud security architecture and best practices.