Home
Jobs
Maxwell Bond
Cyber Security Engineer

Cyber Security Engineer

Remote

United Kingdom

Full Time

28-02-2025

Share this job:

Score my CV

Job Specifications

JOB TITLE: Cyber Security Engineer
REPORTS TO: Head of Information Security & Head of IT Operations
LOCATION: Remote based in the UK

ROLE OVERVIEW
We are seeking a highly skilled IT Systems Security Engineer to join our Data & Technology team. This specialist role reports jointly to the Head of Information Security and Head of IT Operations, playing a crucial part in safeguarding our clients data, services, and infrastructure.
You will work closely with internal and external stakeholders to identify security vulnerabilities and implement practical solutions to mitigate risks. Additionally, you will contribute to the Data & Technology transformation programme, supporting the adoption of cutting-edge security technologies that enable seamless and secure user access.

KEY RESPONSIBILITIES
Provide expert guidance on securing our clients data, services, and assets.
Develop and implement long-term security strategies in collaboration with leadership.
Assess security maturity against industry frameworks and standards.
Define security policies, procedures, and best practice guidelines.
Protect information assets by enforcing data classification and access controls.
Contribute to the redesign of the organisation’s security architecture.
Conduct risk assessments, ensure accurate documentation, and manage risk mitigation.
Oversee penetration testing and security audits.
Implement security controls to strengthen the organisation’s security posture.
Manage and enhance security tools, technologies, and processes.
Ensure compliance with security and regulatory requirements.
Manage cloud security for AWS and Microsoft platforms.
Monitor and respond to cyber threats and security incidents.
Assist in the development and testing of the security incident response plan.
Collaborate with third parties, suppliers, and regulatory bodies to assess risks and compliance.
Support regulatory audits and security awareness programmes.
Evaluate IT changes from a security perspective and participate in IT projects.

ADDITIONAL RESPONSIBILITIES
Maintain security systems, including NAC, Firewalls, MFA, and endpoint security.
Analyse and report on emerging cyber threats.
Support security operations, including patching, updates, and antivirus management.

REQUIRED EXPERIENCE & QUALIFICATIONS
Essential:
5+ years of experience in a security analyst role within a complex organisation.
CompTIA Security+ or SSCP certification.
Strong knowledge of security standards (NIST, CIS, OWASP, NCSC).
In-depth understanding of cyber threats and security best practices.
Experience securing operating systems (Windows, Mac, Linux), databases, networks, and cloud platforms.
Hands-on experience with security tools (vulnerability scanners, SIEM solutions, EDR software like CrowdStrike).
Knowledge of identity management, data classification, and access control.
Experience with compliance frameworks (ISO27001, PCI-DSS, GDPR, HIPAA).
Strong documentation and risk management skills.

Desirable:
CISM, CISSP, or CCSP certification.
Experience with Fortinet firewalls and AWS security services.
Knowledge of cryptography and secure networking.
Familiarity with container security.

KEY SKILLS & ATTRIBUTES
Strong verbal and written communication skills.
Ability to engage with technical and non-technical stakeholders.
Analytical and problem-solving mindset.
Team player with excellent attention to detail.
Ability to quickly assess and respond to emerging threats.

About the Company

As a leading recruitment agency, we specialise in providing staffing solutions across various industries, including Technology, Digital, Sustainability, and Change & Transformation. Our commitment to trust, innovation, and inspiration forms the core of our business values, guiding every interaction and partnership. Maxwell Bond is more than a recruitment agency; we are a strategic partner committed to maximising people's potential. Our purpose goes beyond traditional recruitment, driving us to empower both clients and cand... Know more

Related Jobs

Company Name: Owen Thomas
Job Title: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits
Job Description: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Company: This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe. After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch. They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering. The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography. Key Responsibilities Security Architecture & Design Design and review AWS architecture in collaboration with Engineers. Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams. Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions. Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication. Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports. Continuously assess and improve security processes and controls. Provide security best practices guidance for AWS services and maintain security reference architectures. Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation. Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes. Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks. Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security. Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews. Develop and deploy automation scripts and tools for security tasks. Cloud Security & Identity Management Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment. Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD). Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights. Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model. Conduct regular access and admin access reviews. Implement Privileged Account Management (PAM). Security Monitoring & Incident Response Manage AWS Guard Duty integration into SIEM and MDR solutions. Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring. Establish alerts for suspicious activities and security breaches. Develop, test, and execute incident response plans. Compliance & Governance Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.). Set up AWS Config and AWS Organizations to enforce governance policies. Create and maintain security documentation, policies, and procedures. Conduct training and awareness programs on AWS security best practices. Vulnerability Management Conduct regular vulnerability assessments and coordinate penetration testing. Work with security partners to remediate vulnerabilities and report on SLA performance. Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Proven experience in a similar Cloud Security Engineer or Cloud Engineering role. Strong expertise in AWS cloud security and infrastructure. Experience with Terraform for Infrastructure as Code (IaC). Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS). Experience maintaining Web Application Firewalls (WAF) is beneficial. Previous experience in financial services is a plus. Experience supporting cloud infrastructure adoption across an organisation. Remuneration: Competitive salary with clear progression opportunities. Hybrid working model with a collaborative and inclusive company culture. State-of-the-art office space in Manchester. Comprehensive private healthcare and travel insurance. Pension contribution, life assurance, and income protection insurance. Generous annual leave, including additional days for key life events. Regular team socials and a dynamic work environment. If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London(2 Days) | Up to £110,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!

London, United Kingdom

Hybrid

Full Time

28-02-2025

Company Name: Owen Thomas
Job Title: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
Job Description: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits Company: This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe. After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch. They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering. The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography. Key Responsibilities Security Architecture & Design Design and review AWS architecture in collaboration with Engineers. Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams. Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions. Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication. Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports. Continuously assess and improve security processes and controls. Provide security best practices guidance for AWS services and maintain security reference architectures. Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation. Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes. Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks. Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security. Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews. Develop and deploy automation scripts and tools for security tasks. Cloud Security & Identity Management Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment. Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD). Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights. Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model. Conduct regular access and admin access reviews. Implement Privileged Account Management (PAM). Security Monitoring & Incident Response Manage AWS Guard Duty integration into SIEM and MDR solutions. Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring. Establish alerts for suspicious activities and security breaches. Develop, test, and execute incident response plans. Compliance & Governance Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.). Set up AWS Config and AWS Organizations to enforce governance policies. Create and maintain security documentation, policies, and procedures. Conduct training and awareness programs on AWS security best practices. Vulnerability Management Conduct regular vulnerability assessments and coordinate penetration testing. Work with security partners to remediate vulnerabilities and report on SLA performance. Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits Proven experience in a similar Cloud Security Engineer or Cloud Engineering role. Strong expertise in AWS cloud security and infrastructure. Experience with Terraform for Infrastructure as Code (IaC). Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS). Experience maintaining Web Application Firewalls (WAF) is beneficial. Previous experience in financial services is a plus. Experience supporting cloud infrastructure adoption across an organisation. Remuneration: Competitive salary with clear progression opportunities. Hybrid working model with a collaborative and inclusive company culture. State-of-the-art office space in Manchester. Comprehensive private healthcare and travel insurance. Pension contribution, life assurance, and income protection insurance. Generous annual leave, including additional days for key life events. Regular team socials and a dynamic work environment. If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!

Manchester, United Kingdom

Hybrid

Full Time

28-02-2025

Company Name: Opus Recruitment Solutions
Job Title: Cloud Security Architect
Job Description: Cloud Security Architect Location: Hereford (Hybrid) Salary: Up to £95,000 (depending on experience) Clearance: SC Required (MOD DV Preferred) Sector: National Security / Defence The Opportunity: We’re recruiting a Cloud Security Architect to join a leading defence consultancy in Hereford, offering up to £95k. You’ll be the go-to security SME within the Azure DevOps team, shaping secure cloud solutions for critical National Security projects. With a minimum SC clearance (MOD DV ideal), you’ll be working with Azure DevOps, Terraform, and the latest security tooling to safeguard high-stakes systems whilst working on cutting-edge DevOps workflows. What You’ll Do: Design and implement secure Azure cloud architectures, embedding security best practices from the ground up. Act as the security SME, guiding the DevOps team on threat mitigation, compliance, and secure-by-design principles. Build and optimise CI/CD pipelines using Azure DevOps and Terraform, ensuring robust IaC deployments. Deploy and manage security tooling (e.g., Sentinel, Defender, or equivalent) to monitor, detect, and respond to risks. Conduct vulnerability assessments, penetration testing, and audits to uphold MOD standards. Collaborate with DevOps engineers to balance agility and security in a fast-paced defence environment. Support incident response and root cause analysis for security events, aligning with SC/DV protocols. What You’ll Bring: Deep expertise in Azure cloud security and Azure DevOps (pipelines, repos, boards). Terraform for secure Infrastructure as Code deployments. Proven experience with security tooling (e.g., Azure Sentinel, Nessus, Qualys) as an SME-level practitioner. Active SC clearance (minimum); MOD DV highly desirable for immediate impact. Strong DevOps mindset, comfortable coding in Python or PowerShell for automation. Knowledge of MOD security frameworks (e.g., JSP 440) and compliance requirements. A proactive, collaborative approach to solving complex security challenges in defence contexts. This is a rewarding opportunity offering up to, where you’ll protect national interests through innovative technology on classified defence projects that demand the highest security standards. If you’re an SC-cleared (or DV) cloud security expert ready to lead in a defence consultancy, apply below. Want to hear more about the position, email me at alec.bruce-gardyne@opusrs.com or DM me on LinkedIn. Cloud Security Architect

Hereford, United Kingdom

Hybrid

Full Time

27-02-2025

Company Name: Orbus Software
Job Title: IT Security & Compliance Analyst
Job Description: As a key member of our Information Technology Security team, the IT Security Analyst is tasked with the responsibility of safeguarding our organisation's data, digital assets and IT systems. This role involves a dynamic combination of vulnerability management, security monitoring and incident response activities. The IT Security Analyst will develop and enforce security policies to protect our systems and ensure legal compliance. This technical role requires a proactive approach to cybersecurity, ideal for someone passionate about staying ahead in this field. The role combines hands-on technical and operational tasks with policy maintenance and audit oversight, ensuring a comprehensive approach to maintaining and enhancing our security posture. Core Responsibilities: Threat Intelligence and Security Monitoring: Utilise advanced security tools to continuously monitor and analyse the organisation’s networks and systems. Stay updated with the latest security and technology trends to anticipate security challenges. Vulnerability Management: Lead initiatives to identify, evaluate, and prioritise vulnerabilities in network infrastructures, applications and integrated systems. Collaborate with all internal and external IT functions to ensure security patches and controls are effectively applied. Incident Response and Forensics: Actively participate in the investigation of any possible security breaches and assist with related compliance matters. Undertake forensic analysis to identify the root cause and implement corrective measures to prevent future incidents. Assist in further developing an effective security incident response strategy. Compliance and Risk Assessment: Ensure that the organisation adheres to the necessary compliance regulations regarding Information Security and data privacy. Assist in performing scheduled risk assessments and audits, recommending modifications in compliance, technical and operational processes. Policy Development and Implementation: Create, manage, and roll out comprehensive IT security policies, guidelines and procedures to ensure a secure operating environment. Educate and train staff on compliance and security measures. Stakeholder Engagement: Work closely with various stakeholders, including management, IT Support and external partners, to enhance the security posture of the organisation. Present complex security issues and related solutions to stakeholders at all levels within the organisation. Key Requirements: Education: A bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent professional experience in these areas. Experience: At least 3-5 years of experience in an IT security role with a proven track record in risk management, incident response, and security operations. IT Security experience within a SaaS / Cloud based environment is required. Certifications: Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) Problem-Solving Skills: Ability to think analytically and strategically to navigate complex security challenges and provide practical solutions. Communication Skills: Exceptional interpersonal and presentation skills, capable of explaining complex security risks and concepts to non-technical stakeholders. Excellent spoken and written English is required. Attention to Detail: Meticulous attention to detail with an uncompromising commitment to achieving high standards of data security. What’s in it for you! A massive opportunity for you to develop your skills and knowledge in a supportive environment that thrives on growth and change. Competitive salary and benefits (in line with experience) Individual performance bonus Hybrid working model, 2/3 days in our London Offices and at home Curious, open culture, with teams collaborating across geographies Living our Values at Orbus Trust: We build trust across our people, customers and partners through honesty, transparency and communication. Empowerment: We empower our customers and our people with growth, development and experience Clarity: We provide clarity and sense of purpose, focused on helping everyone achieve success and forging a clear vision of the future Harmony: We work as one team, collaborating closely so we can sustainably change and grow Find your place at Orbus - We're a diverse and inclusive workplace that promotes a sense of belonging allowing all of our people to bring their whole selves to work every day. Recruitment Companies - Thank you for your interest in our roles – we do not accept unsolicited CVs from recruiters or employment agencies. We will not consider or agree to payment of any referral compensation or recruiter fee relating to any unsolicited CVs. Offers of employment will be dependent on satisfactory references and background checks

London, United Kingdom

On site

Full Time

27-02-2025