Lead Cloud Security Engineer

Internet connected and smart home products are growing areas for Dyson where we aim to continue our reputation of being innovative and disruptive. Since our first launch of products in connected space, we have grown fast to several millions of connected machines, and we are envisioning a steep growth in 2026 and beyond both in scale and connected features.

We want to build reliable, scalable, and secure services and features to support these increasing demands with innovative and competitive technologies in IoT, Machine Data Lake, Data Analytics and Machine Learning to support our vision.

We have a ‘You build it, you run it’ ethos and run all our services within Amazon Web Services (AWS). Our teams are responsible for the architecture, development, testing, and operational support of their services in all environments. We are a global department with teams located in the UK, Singapore, and China and we encourage flexible, independent, and innovative thinking in our engineers to deliver solutions.

We’re building world‑class cross‑functional Agile teams to deliver our ambitious vision in the connected space.

If you thrive on working in a collaborative, stimulating, dynamic environment and relish difficult software engineering challenges, then we’d like to speak to you!

As a Lead Cloud Security Engineer in the Connected Cloud department, you’ll collaborate with cloud development teams and engineers to secure our cloud‑native IoT platform, associated tooling, and deployed cloud services.

In addition, you will explore innovative ways to improve our overall security posture and deal with common security challenges presented by our cloud workloads.

We primarily leverage AWS to host and secure our services, along with:

• Cloudflare to protect our public facing endpoints
• Palo Alto PrismaCloud for compliance monitoring and adherence with cloud best practices
• Veracode for SAST/SCA for scanning our cloud microservices and containers
• C#, Node.js, and Python to create our services

• Responsible for promoting good security hygiene and best practices
• Defining security requirements, guidelines and policies for our engineers, platforms, tooling and services
• Working alongside our Cloud teams supporting, assisting and advising how to design and build secure services and platforms
• Identifying and assessing our security risks, threats and vulnerabilities and provide a pragmatic approach for applying mitigation where necessary
• Advocating a shifting‑left mentality to ensure possible threats or security issues are addressed early within the development cycle
• Working with the wider software teams to design and improve the security of our current and future products
• Ensuring we comply with regulatory requirements and Dyson security standards
• Identifying new technologies, tools, and approaches to help continually improve our security standards and quality
• Act as point of contact for any security‑related queries or issues and educate our engineers in security best practices
• Investigate and mitigate security incidents and bug bounty escalations

• Experienced in application security workflows in public cloud providers (e.g. AWS)
• Some level of coding experience (in any language)
• Experienced in security tools for software development: SCA, SAST, CSPM, CNAPP, and secrets management
• Experienced in cyber risk and vulnerability management for cloud native workloads, common web‑based connectivity for IoT and mobile devices
• Experienced with supporting audit activities hosted by internal or external parties
• Working knowledge of Web Application Firewalls, ideally Cloudflare
• Working knowledge of Public Key Infrastructure and related operation activities
• Working knowledge of data privacy frameworks/regulations like EU’s GDPR & EU CRA, specifically the responsibilities of a cloud service provider for mobile apps & IoT devices
• Working knowledge in cybersecurity frameworks like CIS or NIST

• Think this sounds fun
• Want to help drive security to the left
• Like resolving complicated problems
• Have experience with some of our technologies and tools
• Have background in either software development or securing solutions

Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.