Improve cloud security controls across AWS and Azure, including IAM policies, network segmentation, encryption standards, and logging.
Integrate security tooling (SAST, DAST, dependency scanning) into CI/CD pipelines to shift security left in the development lifecycle.
Triage, prioritise, and assisting remediation of CVEs — contributing code fixes directly to development projects when needed, not just raising tickets.
Collaborate with platform and backend engineers on infrastructure-as-code reviews, container security, and secrets management.
Support cloud hardening initiatives, including CIS benchmark compliance and ongoing posture monitoring.
Participate in security reviews of new features, architecture proposals, and third-party integrations.
Contribute to incident response processes, including root cause analysis and post-incident improvements.

3–5 years’ experience in a security engineering, DevSecOps, or cloud security role.
Solid working knowledge of AWS security services (GuardDuty, Security Hub, Config, IAM) and familiarity with Azure security controls.
Practical experience with CI/CD tooling (e.g. GitHub Actions, Jenkins, GitLab CI) and embedding security checks into pipelines.
Strong understanding of code management practices: branching strategies, pull request workflows, and dependency management.
Ability to read, understand, and contribute to application code (Python, Java, TypeScript, or similar) to remediate vulnerabilities.
Familiarity with container security (Docker, Kubernetes) and infrastructure-as-code.
Knowledge of common vulnerability frameworks (CVE, CVSS, OWASP Top 10) and secure coding principles.
Good communication skills — you can explain a risk to a developer and help them fix it, not just flag it.

Security Engineer

Key skills