Cloud Security Engineer (VM Compliance)
On site
Manchester, United Kingdom
£ 91,110 / year
Full Time
25-02-2025
Job Specifications
JOB TITLE: Cloud Security Engineer (VM Compliance)
SALARY: From £70,929 depending on location
LOCATION(S): UK (Edinburgh, Manchester, Leeds, Bristol, London)
HOURS: Full-time (35 Hours Per Week)
WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week currently, or 40% of our time, at one our strategic hubs
About this opportunity
You'll sit within Chief Security Office (CSO), part of a team of Security-focused engineers. We are driving a roadmap that will modernise our approach to securing cloud hosted workloads in the Group (Continuous Compliance, Contextual Reporting, Cloud Native). Our primary services are the curation of guardrails (policy as code) to secure Operating Systems (OS) for Virtual Machine (VM)-based workloads hosted on Private and Public Cloud Platforms. Our goal is to enable the bank's adoption of Private & Public Cloud to go safely, faster.
The CSO is a vital part of delivering the Group's vision of putting customers at the heart of everything we do, helping Britain prosper and protecting the Group and customers from security threats. We're responsible for influencing then implementing Lloyds Banking Group's security strategy and providing a variety of critical Enterprise Security Services which not only operate key controls that keep the Group safe but also enable the digital transformation agenda of the wider organisation.
Experienced Security focused DevOps engineers are needed to develop guardrails (policy as code) to detect, report and where possible enforce (auto-remediate) safe and secure configurations at the Operating System (OS) level to align with our principles and standards, as well as Industry best practices (CIS Benchmarks). The role will involve curating Operating Systems for secure LBG consumption with guardrails and supporting these throughout the full lifecycle (definition, development, release, maintenance); building and maturing the OS Continuous Compliance framework; maturing of operational and curation processes through simplification and automation.
It is crucial that the applicant has outstanding written, drawing, and verbal communication skills, as one would expect from an architect or consultant. These skills are vital to effectively communicate information that will later be completed by our proficient engineering teams. This is a hands-on engineering role, and will require deep knowledge in Operating Systems, DevOps tooling and experience working in Infrastructure as Code (IaC) environments.
Why Lloyds Banking Group
Like the modern Britain we serve, we're evolving. Investing billions in our people, data, and tech to transform the way we meet the ever-changing needs of our 26 million customers. We're growing with purpose. Join us on our journey.
What you'll need
We need a Solution Engineer who understands the challenges of modern architecture. You'll build a compelling strategic vision and will understand a wide array of technology implications including people and process, bringing this to your comprehensive view of design.
You'll ideally have previous career experience in software or infrastructure engineering and will be well placed to define and sell your vision for Engineers, Architects, and Product Owners alike.
You must be a keen and comfortable communicator who is happy working with a wide range of technical and non-technical colleagues. You would be able to produce high quality documentation tailored to the audience which would include senior colleagues. As a role that can require demanding delivery timeframes, you'll be self-organised and proactively prioritise your time.
You'll:
Identify OS level configurations that require security oversight and control
Define a backlog of OS guardrails to detect bad configurations, enforce good configurations
Develop, test, release and support guardrails through their full lifecycle
Provision and configure testing environments and supporting resources
Apply automation first mind-set to all activities completed
Coach and upskill peers and junior team members
Create, maintain and enhance terraform modules
Analyse compliance health and security posture of workloads and platforms
Input into development of compliance reports and enable value release to end customers
Lead triage and resolution of engineering impediments
Work closely with the PO to build roadmap items and shape the backlog
Lead on recommendations to harden and improve security posture
Research and upskill in to trending compliance capabilities, identify ways to incorporate into the team's roadmap
In addition, we're in search of someone who holds the following experiences:
Strong experience in Operating Systems (RHEL / WIN Server), IaC
Experience in Cloud Compliance - guardrails and policies
Experience in VM Management tooling (Azure ARC)
Understanding of API-based architectures
About working for us
Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it's why we especially welcome applications from under-represented groups. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know.
We also offer a wide-ranging benefits package, which includes:
A generous pension contribution of up to 15%
An annual performance-related bonus
Share schemes including free shares.
Benefits you can adapt to your lifestyle, such as discounted shopping.
Generous holiday allowance, with bank holidays on top
A range of wellbeing initiatives and generous parental leave policies
Want to do amazing work, that's interesting and makes a difference to millions of people? Join our journey.
About the Company
Our purpose is Helping Britain Prosper. We do this by creating a more sustainable and inclusive future for people and businesses, shaping finance as a force for good. We're part of an ever-changing industry and are currently on a journey to shape the financial services of the future, whilst supporting our customers’ changing needs. The scale and reach of our Group means we can offer a broad range of opportunities to learn, grow and develop. Our values-led culture and approach to inclusion and diversity means we can all mak... Know more
Related Jobs
- Company Name
- TieTalent
- Job Title
- Infrastructure Engineer (Security Clearance)
- Job Description
- About The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. CGI was recognised in the Sunday Times Best Places to Work List 2024 and has been named one of the ‘World’s Best Employers’ by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This position will be based on site near Farnborough or Reading. Your future duties and responsibilities We are looking for an experienced and highly skilled Senior Infrastructure Support Engineer to join our team. This role is ideal for professionals who excel in supporting, maintaining, and optimizing critical IT infrastructure. You will play a key role in ensuring the high availability, security, and performance of our systems while troubleshooting complex issues efficiently. Additionally, you will participate in an on-call rota to provide 24/7 support for mission-critical systems. Key Responsibilities Advanced Support & Troubleshooting: Provide expert-level support for VMware Cloud Foundation, Tanzu, Dell VxRail, and Dell Data Domain solutions. Troubleshoot and resolve issues related to key management systems, including HashiCorp Vault and Thales Hardware Security Module. Manage and support privileged access management solutions (BeyondTrust) and SSO systems (KeyCloak). Have a strong foundation in networking principles. System Maintenance & Optimisation Administer and optimise Windows Server 2022 and Hyper-V environments. Perform proactive monitoring and maintenance to ensure system performance and reliability. Implement and support disaster recovery and business continuity strategies. Collaboration & Documentation Work closely with cross-functional teams to resolve infrastructure challenges and drive improvements. Maintain detailed documentation for all systems, processes, and configurations. On-Call Support Participate in an on-call rota to provide out-of-hours support for critical systems and ensure rapid incident resolution. Required Qualifications To Be Successful In This Role Defence sector experience or experience in a highly regulated environment. Proven experience in a senior support role, managing complex IT environments. Certifications in VMware, Microsoft, Dell, or security technologies (highly desirable). Strong problem-solving skills, attention to detail, and a commitment to delivering high-quality solutions. Familiarity with Hyper-converged Infrastructure. Desired Competencies Knowledge of cross-domain technologies (Tiger Traps, Garrison, OpsWat, NiFi). Familiarity with DevOps tools (GitLab, Harbor, FluxCD, Kubernetes-based containerisation). Experience with Elastic for logging and analytics. This is an exciting opportunity to work with cutting-edge infrastructure technologies in a dynamic and mission-critical environment. If you are passionate about IT infrastructure, troubleshooting, and system optimisation, we’d love to hear from you! Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world. Nice-to-have skills Hyper-V Gitlab Kubernetes Reading, England Work experience System Engineer DevOps Systems Administrator Languages English
- Company Name
- Allstate
- Job Title
- Security Intelligence Metrics Lead
- Job Description
- At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. Your role in the team The Security Intelligence Metrics Lead architects and designs security metrics and data insights used to communicate the security posture of information security to an executive audience. This person leads a team that creates digital products using modern tools, technologies, frameworks, and systems. They apply a systematic application of scientific and technological knowledge, methods, and experience to the design, implementation, testing, and documentation of Tableu, PowerBI, or software products. Key Responsibilities Leads the effort of shaping the security metrics across the information security department Participate in product scoping, discovery and framing, and inceptions providing technical input and helps translate user features into system design Leads and participates in inceptions and iteration planning meetings, infusing backlogs with technical input working in close partnership with the product manager. Leads and participates in daily site, cross-site, and product team standups. Leads and participates in retrospectives; demonstrating and encouraging each participant to provide feedback with empathy. Serves as an expert in the domain of information security. Serves as the anchor of the team and practices technical leadership; helping guide the team in choosing the right technology, solving technical problems, and resolving any technical conflicts within the team. Establishes continuous integration, continuous delivery, and continuous deployment pipelines and practices. Leads and participates in knowledge sharing and contributes to the overall growth of the collective knowledge of the Allstate Information Security community. Essential Skills All applicants must demonstrate they have a legal right to work in the UK for employment at Allstate. Allstate is not providing sponsorship for this vacancy. Minimum 5 years of overall experience in information technology field Experience creating a communication strategy of a company’s rick posture to senior stake holders including directors using quantified data Possess a broad knowledge of risk and security Experience preparing presentations, analytical reports, and documents regarding program operational status, achievement, and performance. Experience communicating and presenting to senior executive leadership Proficient experience with at least one of the following technologies: Tableau or PowerBI Candidates must also demonstrate the following: Be creative, organized, responsive, and a thorough problem solver Possess a strong business acumen Have excellent oral/written presentation skills Desirable Skills Understanding of Agile/XP/Scrum/Kanban Understanding of Continuous Integration/Testing/Delivery/CI/CD Familiarity with cloud architecture and services, such as AWS. Familiarity with code reviews and penetration testing preferred. CISSP Certification is a major plus. Supervisory Responsibilities This job does not have supervisory duties. Posting End Date: 7th February 2025 (11:59pm) Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. And one where you can impact the future for the greater good. You’ll do all this in a flexible environment that embraces connection and belonging. And with the recognition of several inclusivity and diversity awards, we’ve proven that Allstate empowers everyone to lead, drive change and give back where they work and live. Good Hands. Greater Together. What We Offer As Digital DNA’s Workplace of the Year 2020 & 2022 winners, we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package and discounts on gym memberships, public transport and parking. Allstate invests heavily in your development, as an employee you will have access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team. We pride ourselves in providing clear career paths and opportunities for internal mobility allowing you to further develop within the organisation. We encourage a better work life balance and you’ll have the opportunity to apply for various flexible working arrangements. Statement on Fair Employment and Equal Opportunities Allstate NI wishes to ensure equal opportunity is given to all job applicants. This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability. We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit. Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position. Posting End Date: 15 February 2025
- Company Name
- N Consulting Global
- Job Title
- AWS Cloud Architect
- Job Description
- AWS Cloud Architect – Landing Zones & VPC role below: Location: Bournemouth, Glasgow, and London Job Summary: We seek an experienced AWS Cloud Architect with expertise in AWS Landing Zones and Amazon Virtual Private Cloud (VPC). The ideal candidate will design, implement, and optimize cloud networking infrastructure to ensure security, scalability, and compliance with industry standards. Key Responsibilities Design and implement AWS Landing Zones for multi-account cloud environments. Architect and manage Amazon VPCs, ensuring secure and high-performance networking. Establish network connectivity between on-premises data centres and AWS using VPNs and AWS Direct Connect. Implement security best practices, including VPC peering, security groups, NACLs, and firewall configurations. Automate infrastructure provisioning using Infrastructure as Code (IaC) tools like Terraform and AWS CloudFormation. Collaborate with cross-functional teams to optimize AWS environments for performance, cost, and security. Monitor and troubleshoot network issues, latency, and connectivity challenges in AWS environments. Ensure compliance with AWS Well-Architected Framework and governance policies.
- Company Name
- JAC Recruitment
- Job Title
- Information Security Officer
- Job Description
- Are you passionate about safeguarding information and ensuring robust security frameworks? We are seeking a dedicated and experienced Information Security Officer to join our dynamic team in London. This is a fantastic opportunity to play a pivotal role in establishing and maintaining IT and information security governance across our European operations. Key Responsibilities: Develop and implement comprehensive IT and information security plans in collaboration with key stakeholders. Regularly report on the status and progress of security initiatives to senior management. Coordinate and execute security plans, ensuring compliance with legislative and business obligations. Review and improve security measures based on feedback and performance metrics. Assist in technical implementation plans and conduct assessments and audits. Draft and update security policies and manuals to align with regulations. Stay abreast of technological advancements in IT and security. Facilitate effective communication within the organization and with external partners. Qualifications: Minimum of 3 years of experience in the ICT industry. Proven experience with security frameworks such as ISO 27001, ISAE 3402, or Cyber Security Framework. Strong knowledge of GDPR and NIS2 requirements. Excellent communication skills in English and German. Ability to work independently and manage multiple tasks efficiently. Strong work ethic, attention to detail, and reliable timekeeping. Preferred Experience: Experience working in Germany and/or France. Ability to translate documents and conversations between English and German/French. What We Offer: Competitive salary up to £80,000, depending on experience. Full-time, permanent position with a standard 35-hour work week. Opportunities for professional growth and development. Collaborative and supportive work environment. If you are ready to take on a challenging and rewarding role in information security, we would love to hear from you. Apply now to join our team and make a significant impact on our security landscape!