Lead Cloud Security Engineer

Our Future Health

  • London
  • £90,000-100,000 per year
  • Permanent
  • Full-time
  • 22 days ago
  • Apply easily
We are looking to hire a Lead Cloud Security Engineer, this is an important addition to help drive our newly formed Security Team! In this role, you will support our Director of Information Security deliver our security goals, enhance our security posture and be key member in the team to support the team as we continue to grow.In this role, you will have the opportunity to work alongside our cloud team to provide security subject matter expertise to ensure we build and operate a secure cloud platform. You will lead on collaboration with wider teams in the technology function for the construction, operation and continual improvement of foundational security services.This opportunity would suit someone who is looking to take on more ownership in their role, maximise the value provided by our tools and shape the way we work in this newly formed team within Technology and Data.At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. We’re looking for people to join us on our journey. If you’re looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we’re keen to speak with you.What you'll be doing:This role should help us mature our cloud security through enhancing and automating various security controls and working . In this role, you will be responsible for:
  • Work with the cloud team and provide expert advice on securing our use of Azure cloud services, Kubernetes and containers. In particular, provide guidance and a level of oversight for Azure network security and Key Vault
  • Encourage a ‘shift-left’ approach to security
  • Oversee and support the operation of Microsoft Defender for Cloud
  • Develop and get wider buy-in for security policy as code (using OPA or similar)
  • Assist with maturing our use of and support the operation of Entra ID (previously AAD) for IAM, Identity Governance and Privileged Identity Management
  • Drive the work to secure our Data Platform, including our use of Databricks, Dagster and Snowflake along with our in-house developed applications and CI/CD pipeline
  • Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
  • Document security processes and security tool low-level design/configuration
  • Lead the development of security service delivery and operation documentation
  • Assist tech teams with integrating their systems and services with security services and tools
  • Support, including coaching and mentoring, the security and application security engineers and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and threat modelling activities.
What you won’t be doing:
  • Working in a siloed environment with no freedom to make decisions.
  • Working in a place where you can’t see the impact your expertise makes.
The environmentWe’re a rapidly scaling team of talented people who’ve come from start-ups, tech companies, the NHS and health charities. We’re creating something that will be used to transform the prevention, detection and treatment of disease - something that has never been done before on this scale.RequirementsWe absolutely welcome applicants who don't think they meet all the criteria below or who have a non-traditional security background. However please bear in mind that this is a highly hands-on role and scripting skills are essential.
  • Proficient in writing Terraform, KQL and ideally Python and PowerShell
  • Significant experience of securing Azure and Azure security services (e.g. Key Vault, NSGs, WAF, etc.)
  • Significant experience of securing Kubernetes (ideally AKS) and container security
  • Significant experience of automating security capabilities and operations and security/policy as code (e.g. with OPA, Azure Policy, etc.)
  • Experience with Microsoft’s Defender suite, in particular Defender for Cloud
  • Experience with Microsoft Entra ID (previously AAD), including the Identity Governance capabilities Hands-on experience with Microsoft Sentinel
  • Ideally experience of securing Github and Github actions (or similar)
  • Ideally experience in securing data platforms (e.g. Databricks, Dagster, Snowflake)
  • Experience in Threat Modelling
  • Exposure to Agile working and DevSecOps
  • Knowledge of ISO 27001
  • Desire to be part of a small fast-paced team
  • Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, ISC2 CCSP
Benefits
  • Up to £100,000 per anum
  • Generous company pension package with employer contributions of up to 12%.
  • 30 days annual leave (plus bank holidays.)
  • Continuous career development with regular appraisals and learning and development opportunities.
  • A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.
Join us - let’s prevent disease together.

Our Future Health