Cloud Security Engineer
We are currently working with a leading hedge fund looking to bring on a Cloud Security Engineer. You will be working closely with Infrastructure Engineering, Platform, DevOps, and Risk teams to design and deliver strategic security improvements across a large-scale AWS environment. This is a hands‑on, engineering‑focused role dedicated to advancing cloud security through architectural enhancements, automation, control uplift, and continuous maturity development. You'll operate in a high‑performance, technology‑driven setting where secure, scalable, and automated cloud infrastructure is essential to business success.
- Architect and implement secure AWS solutions aligned with best practices and internal security frameworks.
- Engineer and evolve IAM foundations, including permission boundaries and least‑privilege access models.
- Develop and maintain SCPs and organisation-level governance guardrails.
- Build and automate security baselines across multi‑account AWS environments.
- Design and deploy infrastructure security controls using Infrastructure as Code (Terraform or CloudFormation).
- Engineer scalable encryption and key‑management solutions using AWS KMS.
- Automate security controls, compliance validation, and remediation workflows.
- Collaborate with DevOps and Platform teams to embed security into CI/CD pipelines and infrastructure design.
- Lead uplift initiatives across CSPM, CWNP, and broader cloud security domains.
- Contribute to long‑term cloud security strategy and architectural roadmaps.
- Minimum 5 years' experience in cloud security, infrastructure security, or related engineering roles.
- Strong hands‑on experience engineering security solutions within AWS.
- Deep understanding of IAM, SCPs, account governance, and AWS organisational design.
- Proven experience designing secure cloud architectures in complex environments.
- Expertise with IaC tools such as Terraform or CloudFormation.
- Experience implementing and operating CSPM technologies.
- Strong knowledge of encryption, key management, and cloud data‑protection principles.
- Ability to build automation frameworks in Python or similar scripting languages.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.