Senior Cyber Security Engineer
The Opportunity
We are seeking a highly skilled and experienced Senior Cybersecurity Engineer with a strong background in Application and Cloud Security. This role is ideal for a candidate with deep DevSecOps expertise, a solid understanding of AWS Cloud security architecture, and hands-on experience in designing and configuring cloud security processes, controls, automations, and technologies. Strong communication and organizational skills are essential.
As a key contributor, you will be involved in the day-to-day security operations of our cloud-native environments, participating in design, project management, and reporting activities to ensure compliance with our firm’s policies and the security of our IT and digital assets.
This is a unique opportunity for a cybersecurity professional to expand their technical and soft skills while working in the dynamic Web3/crypto ecosystem.
Key Responsibilities
In this role, you will:
Lead and manage daily operations of our cloud security environments.
Deploy and support various security tools and products, including CSPM, CNAPP, DevSecOps tooling, and automation.
Develop and execute corrective action plans to mitigate identified risks.
Secure the development pipeline by integrating automated security checks, managing secrets, and ensuring compliance with SSDLC policies.
Architect and implement security solutions within AWS, including secure container architectures, orchestration, and runtime security measures.
Analyze complex technical issues, conduct research and testing, and propose effective solutions.
Validate and implement cloud security controls, maintaining a cloud security posture that aligns with the firm’s risk appetite.
Remediate vulnerabilities, perform continuous monitoring, and coach teams on patching and corrective actions.
Apply the organization's cybersecurity strategy and ensure governance of the public cloud infrastructure.
Generate and analyze KPIs and KRIs, and develop action plans based on findings.
Collaborate with cross-functional teams to help the organization achieve certifications such as SOC2.
Contribute to regulatory reporting, red teaming exercises, and penetration testing efforts.
Qualifications and Experience
To excel in this role, you should have:
A bachelor’s degree or higher in Computer Science or a related field (preferred).
An Information Security certification such as CISSP, CISM, or CEH (preferred).
At least 5 years of experience in a security role within a technology environment.
In-depth knowledge of cybersecurity best practices.
Expertise in secure application development and DevSecOps, including tools like Terraform, Ansible, Python, and Git.
Practical experience in additional security domains such as IAM, PKI, Network Security, Endpoint Security, or System Administration.
Hands-on experience in designing and implementing solutions in at least two information security domains.
This confidential position offers a challenging and rewarding opportunity to make a significant impact within our organization. If you have the experience and drive to excel in a fast-paced, innovative environment, we encourage you to apply.
Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.