Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
Hybrid
Manchester, United Kingdom
Full Time
28-02-2025
Job Specifications
Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
Company:
This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe.
After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch.
They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering.
The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography.
Key Responsibilities
Security Architecture & Design
Design and review AWS architecture in collaboration with Engineers.
Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams.
Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions.
Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication.
Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports.
Continuously assess and improve security processes and controls.
Provide security best practices guidance for AWS services and maintain security reference architectures.
Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation.
Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes.
Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks.
Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security.
Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews.
Develop and deploy automation scripts and tools for security tasks.
Cloud Security & Identity Management
Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment.
Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD).
Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights.
Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model.
Conduct regular access and admin access reviews.
Implement Privileged Account Management (PAM).
Security Monitoring & Incident Response
Manage AWS Guard Duty integration into SIEM and MDR solutions.
Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring.
Establish alerts for suspicious activities and security breaches.
Develop, test, and execute incident response plans.
Compliance & Governance
Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.).
Set up AWS Config and AWS Organizations to enforce governance policies.
Create and maintain security documentation, policies, and procedures.
Conduct training and awareness programs on AWS security best practices.
Vulnerability Management
Conduct regular vulnerability assessments and coordinate penetration testing.
Work with security partners to remediate vulnerabilities and report on SLA performance.
Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits
Proven experience in a similar Cloud Security Engineer or Cloud Engineering role.
Strong expertise in AWS cloud security and infrastructure.
Experience with Terraform for Infrastructure as Code (IaC).
Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS).
Experience maintaining Web Application Firewalls (WAF) is beneficial.
Previous experience in financial services is a plus.
Experience supporting cloud infrastructure adoption across an organisation.
Remuneration:
Competitive salary with clear progression opportunities.
Hybrid working model with a collaborative and inclusive company culture.
State-of-the-art office space in Manchester.
Comprehensive private healthcare and travel insurance.
Pension contribution, life assurance, and income protection insurance.
Generous annual leave, including additional days for key life events.
Regular team socials and a dynamic work environment.
If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, Manchester (2 Days) | Up to £100,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!
About the Company
Hey, we are Owen Thomas. We are a relationship first recruitment partner for Data, Product & Engineering, across Contract and Permanent roles in the UK & Europe. Humanness matters. We believe that empathy is the core of great recruitment; bringing opportunity and businesses to life, beyond what a person can see on a website. All done with our OT personal touch. Our mission: To be leaders within our specialisms and create unrivalled opportunities both internally and externally. We balance purpose and profit. Actively in... Know more
Related Jobs
- Company Name
- Cloud People
- Job Title
- Microsoft Security Architect
- Job Description
- Microsoft Security Architect Up to £90K + bonus & benefits Home based with occasional travel About the Company Join a specialist Microsoft partner at the forefront of Microsoft Security, designing and implementing cutting-edge solutions for enterprise clients. About the Role This is your chance to lead security engagements, influence strategy, and work with the latest Microsoft security technologies. Responsibilities Design & implement enterprise security solutions using Defender for Cloud, Sentinel, Intune, Entra, and more. Assess & improve security postures, identifying risks and closing gaps. Lead security workshops, guiding organisations through cloud security best practices. Collaborate with technical teams, integrating security into cloud transformations. Stay ahead of emerging threats, continuously learning and sharing insights. Qualifications Proven experience in Microsoft Security architecture and hands-on implementation. Required Skills Expertise in Microsoft Security solutions (Defender XDR, Sentinel, Intune, Entra) as well as strong knowledge of Azure and M365 environments Strategic mindset + technical depth, with strong stakeholder engagement skills. Previous consulting experience within another Microsoft partner Relevant certifications (or a clear pathway to achieving them).
- Company Name
- Referment
- Job Title
- Application Security Engineer
- Job Description
- Referment is working with a fast-growing digital assets technology firm in London, which has recently secured significant funding and is expanding its technology team. They are now hiring an Application Security Engineer to join their London office. This is an exciting opportunity to be part of a company that is breaking into new markets and products in the digital assets space, with a strong focus on security. The successful candidate will collaborate closely with developers to implement security measures and tooling across applications and platforms. A software engineering background (preferably in Java) is essential, alongside strong experience with Cloud technologies such as Kubernetes, Terraform, and DevOps processes. With a security-first approach, this company is building on the latest technologies in the Cloud, making it an ideal environment for an Application Security Engineer to thrive. Key Requirements: 5+ years of experience in application security, product security, or related fields with a focus on cloud and application security Experience with Microsoft Azure, Kubernetes, Terraform, CI/CD, and languages such as Java and Python Strong expertise in threat modelling, cloud security, secure coding, penetration testing, and security in regulated environments Why this role stands out: Hybrid working – Enjoy a flexible work environment with a blend of office and remote work Work on Greenfield projects with cutting-edge technologies Join a well-funded, growing company with a strong commitment to security
- Company Name
- Mayflower Recruitment Ltd
- Job Title
- Senior Data / DevOps Engineer - AWS/Python - Manchester
- Job Description
- We are looking for Senior Data / DevOps Engineer to join our team and play a crucial role in Data Engineer Team, ensuring the main function is developing, maintaining and improving the end-to-end data pipeline. You will be working in the Data Engineering team whose main function is developing, maintaining and improving the end-to-end data pipeline that includes real-time data processing; extract, transform, load jobs; artificial intelligence; and data analytics on a complex and large dataset. Your role will primarily be to perform DevOps, backend and cloud development on the data infrastructure to develop innovative solutions to effectively scale and maintain the data platform. You will be working on complex data problems in a challenging and fun environment, using some of the latest Big Data open-source technologies like Apache Spark, as well as Amazon Web Service technologies including Elastic MapReduce, Athena and Lambda to develop scalable data solutions. Key Responsibilities: Adhering to Company Policies and Procedures with respect to Security, Quality and Health & Safety. Writing application code and tests that conform to standards. Developing infrastructure automation and scheduling scripts for reliable data processing. Continually evaluating and contribute towards using cutting-edge tools and technologies to improve the design, architecture and performance of the data platform. Supporting the production systems running the deployed data software. Regularly reviewing colleagues’ work and providing helpful feedback. Working with stakeholders to fully understand requirements. Be the subject matter expert for the data platform and supporting processes and be able to present to others to knowledge share. Here’s what we’re looking for: The ability to problem solve. Knowledge of AWS or equivalent cloud technologies. Knowledge of Serverless technologies, frameworks and best practices. Experience using AWS CloudFormation or Terraform for infrastructure automation. Knowledge of Scala or OO language such as Java or C#. SQL or Python development experience. High-quality coding and testing practices. Willingness to learn new technologies and methodologies. Knowledge of agile software development practices including continuous integration, automated testing and working with software engineering requirements and specifications. Good interpersonal skills, positive attitude, willing to help other members of the team. Experience debugging and dealing with failures on business-critical systems. Preferred: Exposure to Apache Spark, Apache Trino, or another big data processing system. Knowledge of streaming data principles and best practices. Understanding of database technologies and standards. Experience working on large and complex datasets. Exposure to Data Engineering practices used in Machine Learning training and inference. Experience using Git, Jenkins and other CI/CD tools. Mayflower is acting as an Employment Agency in relation to this vacancy
- Company Name
- Owen Thomas
- Job Title
- Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits
- Job Description
- Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Company: This fully licensed UK bank is renowned for providing cutting-edge banking services tailored to international fintech clients, primarily small and medium-sized enterprises (SMEs). They offer a diverse range of services, including commercial real estate investment loans, trading loans, real-time multi-currency payments, and more. With a strong presence in the financial services industry, they are a trusted partner for over 200 leading fintech companies, helping them serve millions of customers across the UK and Europe. After securing their UK banking license last year, they are now looking to provide direct-to-consumer services. As part of this initiative, they are building a UK mobile engineering team from scratch. They are seeking a Senior Cloud Security Engineer to join the team and work under an extremely experienced Director of Engineering. The Role Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits We are looking for a motivated and detail-oriented Senior Cloud Security Engineer to play a pivotal role in managing and securing the company’s AWS cloud infrastructure. You will work closely with cross-functional teams, ensuring best-in-class security practices and contributing to the overall security strategy. This role requires a deep understanding of cloud security, network security, and cryptography. Key Responsibilities Security Architecture & Design Design and review AWS architecture in collaboration with Engineers. Integrate security into the development lifecycle alongside developers, DevOps, and compliance teams. Monitor and alert on any public-facing services/resources (e.g., public S3 buckets) and propose optimal solutions. Participate in the security on-call ROTA to handle incidents escalated by the SOC, ensuring timely resolution and stakeholder communication. Communicate security risks and recommendations to leadership teams and contribute to periodic security posture reports. Continuously assess and improve security processes and controls. Provide security best practices guidance for AWS services and maintain security reference architectures. Configure AWS Virtual Private Cloud (VPC) and maintain network segmentation. Manage AWS security groups and Network Access Control Lists (NACLs), reviewing for unauthorised changes. Oversee AWS WAF (Web Application Firewall) and AWS Shield to mitigate DDoS attacks. Work with the infrastructure team to manage AWS Key Management Service (KMS) and SSL/TLS security. Ensure encryption of data stored in AWS services (Amazon S3, Amazon RDS) with regular compliance reviews. Develop and deploy automation scripts and tools for security tasks. Cloud Security & Identity Management Implement security checks for Infrastructure as Code (Terraform) and ensure secure module deployment. Manage AWS Identity and Access Management (IAM) policies, roles, and permissions for SSO (Azure AD). Enforce the Principle of Least Privilege (POLP) and ensure appropriate access rights. Implement multi-factor authentication (MFA) and identity federation as part of a Zero Trust model. Conduct regular access and admin access reviews. Implement Privileged Account Management (PAM). Security Monitoring & Incident Response Manage AWS Guard Duty integration into SIEM and MDR solutions. Configure AWS CloudWatch and AWS CloudTrail for continuous monitoring. Establish alerts for suspicious activities and security breaches. Develop, test, and execute incident response plans. Compliance & Governance Ensure compliance with industry standards (e.g., ISO 27001, NIST CSF, PCI DSS) and regulatory requirements (GDPR, FCA OpRes, CBEST, etc.). Set up AWS Config and AWS Organizations to enforce governance policies. Create and maintain security documentation, policies, and procedures. Conduct training and awareness programs on AWS security best practices. Vulnerability Management Conduct regular vulnerability assessments and coordinate penetration testing. Work with security partners to remediate vulnerabilities and report on SLA performance. Requirements for the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London (2 Days) | Up to £110,000 + Benefits Proven experience in a similar Cloud Security Engineer or Cloud Engineering role. Strong expertise in AWS cloud security and infrastructure. Experience with Terraform for Infrastructure as Code (IaC). Knowledge of AWS native security services and Cloud Security Standards (PCI DSS, NIST, CIS). Experience maintaining Web Application Firewalls (WAF) is beneficial. Previous experience in financial services is a plus. Experience supporting cloud infrastructure adoption across an organisation. Remuneration: Competitive salary with clear progression opportunities. Hybrid working model with a collaborative and inclusive company culture. State-of-the-art office space in Manchester. Comprehensive private healthcare and travel insurance. Pension contribution, life assurance, and income protection insurance. Generous annual leave, including additional days for key life events. Regular team socials and a dynamic work environment. If you are interested in applying to the Senior Cloud Security Engineer | Fintech, International Bank, AWS, Cryptography | Hybrid, London(2 Days) | Up to £110,000 + Benefits drop us your CV and we will give you a call if we think you are a good match!