Cloud Security Architect

Hybrid

Hereford, United Kingdom

£ 95,000 / year

Full Time

27-02-2025

Share this job:

Score my CV Apply on the company website

Job Specifications

Cloud Security Architect

Location: Hereford (Hybrid)

Salary: Up to £95,000 (depending on experience)

Clearance: SC Required (MOD DV Preferred)

Sector: National Security / Defence

The Opportunity:

We’re recruiting a Cloud Security Architect to join a leading defence consultancy in Hereford, offering up to £95k. You’ll be the go-to security SME within the Azure DevOps team, shaping secure cloud solutions for critical National Security projects. With a minimum SC clearance (MOD DV ideal), you’ll be working with Azure DevOps, Terraform, and the latest security tooling to safeguard high-stakes systems whilst working on cutting-edge DevOps workflows.

What You’ll Do:

Design and implement secure Azure cloud architectures, embedding security best practices from the ground up.
Act as the security SME, guiding the DevOps team on threat mitigation, compliance, and secure-by-design principles.
Build and optimise CI/CD pipelines using Azure DevOps and Terraform, ensuring robust IaC deployments.
Deploy and manage security tooling (e.g., Sentinel, Defender, or equivalent) to monitor, detect, and respond to risks.
Conduct vulnerability assessments, penetration testing, and audits to uphold MOD standards.
Collaborate with DevOps engineers to balance agility and security in a fast-paced defence environment.
Support incident response and root cause analysis for security events, aligning with SC/DV protocols.

What You’ll Bring:

Deep expertise in Azure cloud security and Azure DevOps (pipelines, repos, boards).
Terraform for secure Infrastructure as Code deployments.
Proven experience with security tooling (e.g., Azure Sentinel, Nessus, Qualys) as an SME-level practitioner.
Active SC clearance (minimum); MOD DV highly desirable for immediate impact.
Strong DevOps mindset, comfortable coding in Python or PowerShell for automation.
Knowledge of MOD security frameworks (e.g., JSP 440) and compliance requirements.
A proactive, collaborative approach to solving complex security challenges in defence contexts.

This is a rewarding opportunity offering up to, where you’ll protect national interests through innovative technology on classified defence projects that demand the highest security standards.

If you’re an SC-cleared (or DV) cloud security expert ready to lead in a defence consultancy, apply below. Want to hear more about the position, email me at alec.bruce-gardyne@opusrs.com or DM me on LinkedIn.

Cloud Security Architect

About the Company

When it comes to technology talent, Opus Recruitment Solutions are the specialists. We provide the skills needed most to markets at the forefront of change, evolving with the ever-changing needs of our clients to propel their people strategy and build world-class teams to power the future. With a global reach, diverse networks and an established market reputation, we are the partner of choice for organisations looking for flexible and trusted technology talent solutions to achieve long-term success. Our clients work acros... Know more

Related Jobs

Company Name: Owen Thomas
Job Title: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits
Job Description: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Company: This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe. After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch. They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering. The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography. Key Responsibilities Security Architecture & Design Design and review AWS architecture in collaboration with Engineers. Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams. Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions. Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication. Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports. Continuously assess and improve security processes and controls. Provide security best practices guidance for AWS services and maintain security reference architectures. Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation. Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes. Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks. Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security. Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews. Develop and deploy automation scripts and tools for security tasks. Cloud Security & Identity Management Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment. Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD). Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights. Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model. Conduct regular access and admin access reviews. Implement Privileged Account Management (PAM). Security Monitoring & Incident Response Manage AWS Guard Duty integration into SIEM and MDR solutions. Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring. Establish alerts for suspicious activities and security breaches. Develop, test, and execute incident response plans. Compliance & Governance Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.). Set up AWS Config and AWS Organizations to enforce governance policies. Create and maintain security documentation, policies, and procedures. Conduct training and awareness programs on AWS security best practices. Vulnerability Management Conduct regular vulnerability assessments and coordinate penetration testing. Work with security partners to remediate vulnerabilities and report on SLA performance. Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Proven experience in a similar Cloud Security Engineer or Cloud Engineering role. Strong expertise in AWS cloud security and infrastructure. Experience with Terraform for Infrastructure as Code (IaC). Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS). Experience maintaining Web Application Firewalls (WAF) is beneficial. Previous experience in financial services is a plus. Experience supporting cloud infrastructure adoption across an organisation. Remuneration: Competitive salary with clear progression opportunities. Hybrid working model with a collaborative and inclusive company culture. State-of-the-art office space in Manchester. Comprehensive private healthcare and travel insurance. Pension contribution, life assurance, and income protection insurance. Generous annual leave, including additional days for key life events. Regular team socials and a dynamic work environment. If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London(2 Days) | Up to £110,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!

London, United Kingdom

Hybrid

Full Time

28-02-2025

Company Name: Owen Thomas
Job Title: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
Job Description: Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits Company: This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe. After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch. They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering. The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography. Key Responsibilities Security Architecture & Design Design and review AWS architecture in collaboration with Engineers. Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams. Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions. Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication. Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports. Continuously assess and improve security processes and controls. Provide security best practices guidance for AWS services and maintain security reference architectures. Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation. Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes. Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks. Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security. Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews. Develop and deploy automation scripts and tools for security tasks. Cloud Security & Identity Management Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment. Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD). Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights. Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model. Conduct regular access and admin access reviews. Implement Privileged Account Management (PAM). Security Monitoring & Incident Response Manage AWS Guard Duty integration into SIEM and MDR solutions. Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring. Establish alerts for suspicious activities and security breaches. Develop, test, and execute incident response plans. Compliance & Governance Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.). Set up AWS Config and AWS Organizations to enforce governance policies. Create and maintain security documentation, policies, and procedures. Conduct training and awareness programs on AWS security best practices. Vulnerability Management Conduct regular vulnerability assessments and coordinate penetration testing. Work with security partners to remediate vulnerabilities and report on SLA performance. Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits Proven experience in a similar Cloud Security Engineer or Cloud Engineering role. Strong expertise in AWS cloud security and infrastructure. Experience with Terraform for Infrastructure as Code (IaC). Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS). Experience maintaining Web Application Firewalls (WAF) is beneficial. Previous experience in financial services is a plus. Experience supporting cloud infrastructure adoption across an organisation. Remuneration: Competitive salary with clear progression opportunities. Hybrid working model with a collaborative and inclusive company culture. State-of-the-art office space in Manchester. Comprehensive private healthcare and travel insurance. Pension contribution, life assurance, and income protection insurance. Generous annual leave, including additional days for key life events. Regular team socials and a dynamic work environment. If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!

Manchester, United Kingdom

Hybrid

Full Time

28-02-2025

Company Name: Zebra People
Job Title: Lead Cloud Engineer
Job Description: A well-known British motoring company are looking for a Cloud & Security Platform Lead to join them in what is a brand new position for the company. There’s a lot of scope here for you to have a real effect on their cloud platform. Joining a team of 10, you’d be responsible for leading the strategy (and setting standards across the department) behind their cloud and security technology, with a focus on working with AWS, which is their cloud provider of choice. What experience do I need? You’ll need a really in-depth knowledge of AWS (as well as the relevant services, such as compute, storage, networking, database and most important serverless, as this what they work on) as you’ll be working with it day to day. A wide knowledge of IaC tools like Terraform and CloudFormation is needed as there are a lot of cloud deployments to automate. You’ll also need prior hands on experience with containerisation technologies such as Docker and Kubernetes, as well as cloud-native application development and microservices architecture. Security, from both a hands on and compliance aspect, is also a key part of the role. You’ll need an in-depth knowledge of the principles and practices here, including but not exclusive to firewalls, intrusion detection/prevention systems, encryption and endpoint protection. On the compliance perspective you’ll need an understanding of security standards and frameworks such as ISO27001, NIST and GDPR. What will I be doing? Key to this role is having the capability to come in and really set the strategy for the department, as that is what they’re missing in the current team. It’s very much a strategic role where you’ll be tasked with creating a roadmap around both cloud and security, and then rolling this out. Think the standard tasks for this type of role, such as ensuring the team follow standards on security and cloud, designing and deploying cloud infrastructure and fostering a real positive culture of collaboration and innovation. What’s in it for me? They’re offering up to £120K for the role as well as a wide range of benefits. These include an annual bonus of up to 20%, a £5K cash-car allowance (which you’ll get even if you don’t have a car!), 7% pension and private medical insurance. They ask you to come into the office twice a week (they’ve locations in London and Basingstoke) and there will be travel once or twice a month to the location you’re not in. This will of course be expensed. What does the interview process look like? They’re looking to move quickly on this (in their words; they needed someone last week) so are doing 3 short stages. The first is a 30/45 minute conversation with the Head of Technology, which will be followed by a 75 minute technical deep dive. If that goes well then the last stage will be to meet the wider team for 45 minutes. This is a chance to get to know both them and the company culture a little better. To discuss in more detail, please reach out to mitch@zebrapeople.com.

London, United Kingdom

Hybrid

Full Time

27-02-2025

Company Name: Maxwell Bond
Job Title: Cyber Security Engineer
Job Description: JOB TITLE: Cyber Security Engineer REPORTS TO: Head of Information Security & Head of IT Operations LOCATION: Remote based in the UK ROLE OVERVIEW We are seeking a highly skilled IT Systems Security Engineer to join our Data & Technology team. This specialist role reports jointly to the Head of Information Security and Head of IT Operations, playing a crucial part in safeguarding our clients data, services, and infrastructure. You will work closely with internal and external stakeholders to identify security vulnerabilities and implement practical solutions to mitigate risks. Additionally, you will contribute to the Data & Technology transformation programme, supporting the adoption of cutting-edge security technologies that enable seamless and secure user access. KEY RESPONSIBILITIES Provide expert guidance on securing our clients data, services, and assets. Develop and implement long-term security strategies in collaboration with leadership. Assess security maturity against industry frameworks and standards. Define security policies, procedures, and best practice guidelines. Protect information assets by enforcing data classification and access controls. Contribute to the redesign of the organisation’s security architecture. Conduct risk assessments, ensure accurate documentation, and manage risk mitigation. Oversee penetration testing and security audits. Implement security controls to strengthen the organisation’s security posture. Manage and enhance security tools, technologies, and processes. Ensure compliance with security and regulatory requirements. Manage cloud security for AWS and Microsoft platforms. Monitor and respond to cyber threats and security incidents. Assist in the development and testing of the security incident response plan. Collaborate with third parties, suppliers, and regulatory bodies to assess risks and compliance. Support regulatory audits and security awareness programmes. Evaluate IT changes from a security perspective and participate in IT projects. ADDITIONAL RESPONSIBILITIES Maintain security systems, including NAC, Firewalls, MFA, and endpoint security. Analyse and report on emerging cyber threats. Support security operations, including patching, updates, and antivirus management. REQUIRED EXPERIENCE & QUALIFICATIONS Essential: 5+ years of experience in a security analyst role within a complex organisation. CompTIA Security+ or SSCP certification. Strong knowledge of security standards (NIST, CIS, OWASP, NCSC). In-depth understanding of cyber threats and security best practices. Experience securing operating systems (Windows, Mac, Linux), databases, networks, and cloud platforms. Hands-on experience with security tools (vulnerability scanners, SIEM solutions, EDR software like CrowdStrike). Knowledge of identity management, data classification, and access control. Experience with compliance frameworks (ISO27001, PCI-DSS, GDPR, HIPAA). Strong documentation and risk management skills. Desirable: CISM, CISSP, or CCSP certification. Experience with Fortinet firewalls and AWS security services. Knowledge of cryptography and secure networking. Familiarity with container security. KEY SKILLS & ATTRIBUTES Strong verbal and written communication skills. Ability to engage with technical and non-technical stakeholders. Analytical and problem-solving mindset. Team player with excellent attention to detail. Ability to quickly assess and respond to emerging threats.