Cloud Security Engineer

Smart Recruiters
Liverpool
1 week ago
Create job alert

Job Description

What will you be doing?

We are seeking a talented individual to join our Information Security team in Liverpool as an Azure focused Cloud Security Engineer. The Group Information Security function is a dynamic and highly motivated team committed to ensuring that S&W is organisationally and technically secure in a fast-evolving environment with substantial critical assets, systems, and sensitive data to protect in multiple locations.

As Cloud Security Engineer, your responsibilities will include among others

  • Managing, implementing, and maintaining technical security controls for IAAS, PAAS and SAAS based services which support Financial Planning, Investment Management, Tax Advice and a range of Professional Services.
  • Building out and improving capabilities around M365 utilising E5 licensing. Ensuring E5 security capabilities are being fully utilised and are correctly configured.
  • Continuously reviewing technical controls across cloud platforms including Microsoft Azure including Azure AD.
  • Understanding, reviewing, recommending, and implementing technical security controls in the Azure IAAS environment.
  • Providing assurance that controls are effective and kept up to date as services continue to mature and develop.
  • Provide risk analysis and end to end control design, implementation for new services using cloud-based solutions.
  • Supporting Agile based project management and iteration - squad-based delivery.
  • Ensure that the vision for cloud-based service is built out on security best practice
  • Familiarity in interpreting highly technical detail, being able to spot the security gaps and then working with the change function to come up with a detailed secure solution.
  • Ensuring secure configuration and operation of cloud networks, load balancers, edge protection and firewalls (WAF, etc.).
  • Assisting in the design of enhancements to the cloud security strategy by identifying and alerting on appropriate event types.
  • Identify and define system security requirements at a detailed technical level including controls for encryption, key management, IAAS design and segregation.
  • Deep technical experience of implementing security features within Azure including DDOS protection, encryption, and appropriate monitoring controls.
  • Implement technical controls and make recommendations.
  • Facilitate threat modelling exercises to validate security design decisions
  • Keep up to date with the latest cloud-based risks, methods, and techniques to ensure they are always based on latest guidance
  • Finding new ways to solve existing production security issues and develop guidance material
  • Recommending security enhancements to management and senior stakeholders
  • Assisting with installation or processing of new security products and procedures
  • Ensuring controls for monitoring products and systems for security breaches or intrusions
  • Identifying production stability concerns via break point, vulnerability scanning, and impact analysis, and designing and developing implement remediation plans to address these concerns.
  • Work on the trifecta of visibility, compliance and remediation for public cloud security.
  • Experience in applying both a risk and compliance lens to security.
  • Maintaining contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats.


Qualifications

To be successful in this role, you should have

  • In depth knowledge of Azure cloud platform is required
  • Demonstrable experience provisioning, managing and developing an exemplary technical infrastructure within a medium or large organisation, covering as a minimum, data centres, communications and collaboration, networking, end user computing and tooling is required
  • Demonstrable experience on Azure security configuration and scripting skills and certifications 
  • Demonstrable experience working Switches, Routers & Domain Controllers etc. 
  • Knowledge of a broad range of current and emerging Technology technologies, architectures and delivery models
  • Knowledge of compliance standards like CIS, NIST in conjunction with PCI-DSS and GDPR
  • Excellent interpersonal skills with the ability to lead others and persuasively communicate complex technical information effectively to a diverse range of stakeholders, resulting in productive working relationships - a "trusted adviser" to business & technology teams 
  • Strong communication and collaboration skills, dealing with fast-moving, complex scenarios supporting multiple initiatives and goals 
  • A team player who can balance need, risk and pragmatism when developing solutions. Good organisational, planning and risk management skills, with the ability to bring discussions to a decision-making end; a proven capacity for creative problem-solving and troubleshooting 

Professional Qualifications and Education

  • Degree or equivalent, preferable in Computer Systems / Solutions Infrastructure / or technology related innovation or comparable cloud certifications 



Additional Information

As a colleague here at S&W you will have access to benefits that include

  • Competitive salary
  • Private medical insurance
  • Life assurance
  • Pension contribution
  • Hybrid working model (role dependent)
  • Generous holiday package
  • Option to purchase additional holiday
  • Shared parental leave
  • Fully funded training towards professional qualifications
  • Cycle to work scheme
  • Season ticket loan
  • Eye care support

We are proud to value the differences that a diverse workforce brings, representative of society and our clients. At S&W we have a wide range of highly active employee resource groups and we’re delivering multiple diversity, equity and inclusion initiatives across the organisation. It is our commitment to provide a workplace where all colleagues, regardless of identity, background, or circumstance, feel respected as individuals and feel that they can achieve their full potential and work in a safe, supportive, and inclusive environment.

We are happy to make any reasonable adjustments to accommodate for your needs throughout the application process. Please let your Recruiter know.

Related Jobs

View all jobs

Cloud Security Engineer

Cloud Security Engineer

Cloud Security Engineer

Cloud Security Engineer

Cloud Security Engineer

Senior Cloud Security Engineer

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.