- Company Name
- EC Markets UK
- Job Title
- Senior Cloud & Information Security Engineer
- Job Description
-
**Job Title:** Senior Cloud & Information Security Engineer
**Role Summary:**
Own and advance the organization’s technical security posture and cloud infrastructure. Design, implement, and operate secure Azure/AWS environments, enforce identity and access controls, embed security in DevOps pipelines, and support regulatory compliance through evidence‑based audit readiness.
**Expectations:**
- Maintain continuous security monitoring, logging, and vulnerability management.
- Deliver secure, resilient cloud architectures using Infrastructure‑as‑Code.
- Lead technical response to security incidents and post‑incident improvement.
- Provide technical evidence for audits and regulator reviews.
**Key Responsibilities:**
- Manage day‑to‑day information security controls, hardening, and MFA/least‑privilege enforcement.
- Design, build, and automate cloud infrastructure (Azure/AWS) with security‑by‑design principles.
- Own IaC, configuration management, and automation frameworks.
- Integrate security into CI/CD pipelines, release processes, and change management.
- Conduct and oversee penetration testing, vulnerability scans, and remediation activities.
- Coordinate external security testing vendors and translate findings into technical fixes.
- Act as technical lead for incident response, forensic analysis, containment, and recovery.
- Collaborate with IT management and compliance teams to demonstrate effective controls for FCA and other audits.
**Required Skills:**
- Strong networking expertise (on‑prem and cloud environments).
- Hands‑on experience with Azure and/or AWS, including networking, encryption, backups, and resilience.
- Proficiency in Infrastructure‑as‑Code (e.g., Terraform, ARM, CloudFormation) and configuration management tools.
- Deep knowledge of security frameworks (ISO 27001, NIST) and practical application.
- Experience with DevOps toolchains, CI/CD, secure coding practices, and automation.
- Ability to lead technical incident response and conduct security testing.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Data Engineering, or a related field.
- 5–8 years of direct experience in cloud engineering and information security.
- Preferred: CISSP, CISM, CCSP, or equivalent cloud security certifications.