Senior Cyber Security Engineer

​Senior Cyber Security Engineer

The Opportunity

We are seeking a highly skilled and experienced Senior Cybersecurity Engineer with a strong background in Application and Cloud Security. This role is ideal for a candidate with deep DevSecOps expertise, a solid understanding of AWS Cloud security architecture, and hands-on experience in designing and configuring cloud security processes, controls, automations, and technologies. Strong communication and organizational skills are essential.

As a key contributor, you will be involved in the day-to-day security operations of our cloud-native environments, participating in design, project management, and reporting activities to ensure compliance with our firm’s policies and the security of our IT and digital assets.

This is a unique opportunity for a cybersecurity professional to expand their technical and soft skills while working in the dynamic Web3/crypto ecosystem.

Key Responsibilities

In this role, you will:

• Lead and manage daily operations of our cloud security environments.

• Deploy and support various security tools and products, including CSPM, CNAPP, DevSecOps tooling, and automation.

• Develop and execute corrective action plans to mitigate identified risks.

• Secure the development pipeline by integrating automated security checks, managing secrets, and ensuring compliance with SSDLC policies.

• Architect and implement security solutions within AWS, including secure container architectures, orchestration, and runtime security measures.

• Analyze complex technical issues, conduct research and testing, and propose effective solutions.

• Validate and implement cloud security controls, maintaining a cloud security posture that aligns with the firm’s risk appetite.

• Remediate vulnerabilities, perform continuous monitoring, and coach teams on patching and corrective actions.

• Apply the organization's cybersecurity strategy and ensure governance of the public cloud infrastructure.

• Generate and analyze KPIs and KRIs, and develop action plans based on findings.

• Collaborate with cross-functional teams to help the organization achieve certifications such as SOC2.

• Contribute to regulatory reporting, red teaming exercises, and penetration testing efforts.

Qualifications and Experience

To excel in this role, you should have:

• A bachelor’s degree or higher in Computer Science or a related field (preferred).

• An Information Security certification such as CISSP, CISM, or CEH (preferred).

• At least 5 years of experience in a security role within a technology environment.

• In-depth knowledge of cybersecurity best practices.

• Expertise in secure application development and DevSecOps, including tools like Terraform, Ansible, Python, and Git.

• Practical experience in additional security domains such as IAM, PKI, Network Security, Endpoint Security, or System Administration.

• Hands-on experience in designing and implementing solutions in at least two information security domains.

This confidential position offers a challenging and rewarding opportunity to make a significant impact within our organization. If you have the experience and drive to excel in a fast-paced, innovative environment, we encourage you to apply.

Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.