Cloud Security Engineer

Role Profile - Cloud Security Engineer

Purpose:
A leading insurance sector client is seeking a highly skilled and experienced Cloud Security Engineer to play a critical role in advancing the organization's cloud security capabilities. The successful candidate will lead the design, implementation, and continuous improvement of cloud security across multi-cloud platforms-primarily Google Cloud Platform (GCP) and Microsoft Azure. This role is essential in ensuring that all cloud infrastructure, services, and data remain protected, compliant, and resilient against emerging cyber threats. Working within the broader technology and security teams, the Cloud Security Engineer will be responsible for policy enforcement, incident response, security tooling, and embedding security across the development lifecycle.

Key Responsibilities:

Develop, implement, and maintain comprehensive cloud security policies, standards, and technical controls for GCP and Azure environments.

Configure, manage, and optimize native cloud security tools such as GCP Security Command Centre, Cloud IAM, VPC Service Controls, Azure Security Centre, Microsoft Defender for Cloud, and Azure Active Directory.

Lead regular vulnerability assessments, security audits, and penetration testing activities across the cloud infrastructure and hosted applications.

Monitor cloud platforms for security threats, suspicious activity, misconfigurations, and vulnerabilities using automated tools and custom detection methods.

Act as a key lead in cloud security incident response, including triage, analysis, containment, and remediation.

Work closely with development and DevOps teams to integrate security best practices into CI/CD pipelines, infrastructure-as-code deployments, and cloud-native services.

Provide security architecture guidance on the secure design of applications, networking, storage, and identity management across multi-cloud environments.

Collaborate with risk, compliance, and governance teams to ensure alignment with relevant industry regulations and frameworks, such as ISO 27001, NIST, or CIS.

Where applicable, assess and enhance the security configuration of Salesforce, ensuring effective data protection and access management.

Desirable Skills and Experience:

6+ years of experience in cloud security, information security, or related technical roles.

Proven hands-on experience securing Google Cloud Platform (GCP), with in-depth understanding of its security services and capabilities.

Strong knowledge of Azure and Microsoft 365 cloud security controls and best practices.

Deep understanding of cloud security architecture, the shared responsibility model, and infrastructure-as-code security principles.

Experience with threat modelling, incident response, and forensic analysis in cloud environments.

Familiarity with container security, Kubernetes, and hybrid or multi-cloud deployments is advantageous.

Preferred certifications:

Google Professional Cloud Security Engineer

Microsoft Azure Security Engineer Associate (AZ-500)

Certified Cloud Security Professional (CCSP)

Key Attributes:

Excellent communicator, able to explain technical security concepts to non-technical audiences.

Naturally inquisitive and investigative, always looking for potential risks or improvements.

Highly detail-oriented, structured, and able to follow and improve processes.

Strong collaboration and influencing skills, with the ability to work across business and technical teams.

Resilient under pressure, able to prioritize competing workloads in a fast-paced environment.

Passion for continuous learning and keeping up with the latest cloud and cybersecurity trends.

Culture & Conduct:

Act as a security ambassador, promoting strong security culture within technical and business teams.

Exhibit behaviour aligned with the insurance sector client's values and code of conduct, maintaining the highest standards of professionalism and ethical responsibility