Lead Cloud Security Engineer
Our Future Health
- London
- £90,000-100,000 per year
- Permanent
- Full-time
- Work with the cloud team and provide expert advice on securing our use of Azure cloud services, Kubernetes and containers. In particular, provide guidance and a level of oversight for Azure network security and Key Vault
- Encourage a ‘shift-left’ approach to security
- Oversee and support the operation of Microsoft Defender for Cloud
- Develop and get wider buy-in for security policy as code (using OPA or similar)
- Assist with maturing our use of and support the operation of Entra ID (previously AAD) for IAM, Identity Governance and Privileged Identity Management
- Drive the work to secure our Data Platform, including our use of Databricks, Dagster and Snowflake along with our in-house developed applications and CI/CD pipeline
- Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
- Document security processes and security tool low-level design/configuration
- Lead the development of security service delivery and operation documentation
- Assist tech teams with integrating their systems and services with security services and tools
- Support, including coaching and mentoring, the security and application security engineers and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and threat modelling activities.
- Working in a siloed environment with no freedom to make decisions.
- Working in a place where you can’t see the impact your expertise makes.
- Proficient in writing Terraform, KQL and ideally Python and PowerShell
- Significant experience of securing Azure and Azure security services (e.g. Key Vault, NSGs, WAF, etc.)
- Significant experience of securing Kubernetes (ideally AKS) and container security
- Significant experience of automating security capabilities and operations and security/policy as code (e.g. with OPA, Azure Policy, etc.)
- Experience with Microsoft’s Defender suite, in particular Defender for Cloud
- Experience with Microsoft Entra ID (previously AAD), including the Identity Governance capabilities Hands-on experience with Microsoft Sentinel
- Ideally experience of securing Github and Github actions (or similar)
- Ideally experience in securing data platforms (e.g. Databricks, Dagster, Snowflake)
- Experience in Threat Modelling
- Exposure to Agile working and DevSecOps
- Knowledge of ISO 27001
- Desire to be part of a small fast-paced team
- Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, ISC2 CCSP
- Up to £100,000 per anum
- Generous company pension package with employer contributions of up to 12%.
- 30 days annual leave (plus bank holidays.)
- Continuous career development with regular appraisals and learning and development opportunities.
- A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.