continue to candidate homepage




Continue to client homepage

Principal Cloud Security Engineer

  • Location

    London, England

  • Sector:

    Cyber Security

  • Job type:


  • Salary:


  • Contact:

    Gintare Butkute

  • Email:


  • Job ref:

    JN -112021-89872_1635859712

  • Published:

    about 1 month ago

  • Expiry date:


  • Startdate:


  • Consultant:


We're looking for a Principal Cloud Security Engineer based in #UK or #Netherlands

As Principal Cloud Security Engineer, you will be a member of the Global Security Architecture & Engineering team and report directly to the Senior Manager of Cloud Security. Maintain responsibility for Cloud Security, design, and policy engineering within a project capacity by ensuring that the company is in line with security, compliance, and regulatory requirements. Moreover, drive and implement solutions for reducing technical risks and security vulnerabilities within the cloud and 3rd party hosting solutions. Work with both in-house and externally contracted teams to introduce and maintain a robust end-to-end cloud security strategy.

Key responsibilities:

  • Responsible for Cloud Security Assessment, Identifying Cloud Security gaps, generating assessment outcome reports and working with Cloud Account owning teams to resolve security gaps identified.
  • Perform Threat Modelling for Workloads and Develop Counter Measures.
  • Responsible for ensuring security implementation of GDO projects across T&I and CTIO areas, delivering high quality services and creative solutions across all Cloud hosted solutions.
  • Perform design reviews of new 3rd party cloud and On-Prem solutions, products, and services to identify potential risks and recommend appropriate mitigations.
  • Ensure Security overlay of all cloud solutions.
  • Work with key stakeholders to develop and apply Cloud Security Policies, Standards and Principles.
  • Responsible for monitoring and driving Cloud Security Compliance during project lifecycle.
  • Delivering the technical aspects through plan-design-build for project & compliance security testing.
  • Responsible for development of solutions to secure architecture requirements and standards.
  • Ensures accurate delivery progress reporting is completed and communicated to relevant stakeholders.
  • Create Cloud Security Policies and engineer them - Preventive, Detective, Reactive and Forensic Controls. Test Cloud Security Policies.
  • Engineer Security Solutions for Container Technology and micro services.

Must have skills:

  • Experience with Cloud Security Posture Management tools - C3M, Prisma Cloud, Rapid 7, CheckPoint (Dome9).
  • Familiarity with common cloud related compliance Benchmarks - CIS, GDPR, PCI-DSS, ISO27001, ISO27017, ISO27018, TSR, OFCOM.
  • Strong documentation, design, and presentation skills with the ability to create management reporting to convey business justifications, architectural designs and workflows.
  • In depth knowledge of Cloud Security Architecture Frameworks e.g. AWS Well-Architected; and/or Open Architecture Frameworks e.g. TOGAF.
  • Strong engineering and/or architecture experience in the fundamental Cloud Security Domains - Identity and Access Management, Cloud Network and Compute Infrastructure Security, Data Protection (at-rest/in-transit), Workload Security, SIEM, Logging and Monitoring.
  • In depth knowledge of various Cloud Models - IaaS, PaaS, SaaS, hybrid and multi-cloud models.
  • Familiar with common industry cloud providers - AWS, GCP, Azure, OCI.
  • Practical understanding of industry cloud security principles and their application - NCSC, NIST, CSA.
  • Hands-on experience in a cloud security environment. This could either be as a cloud security engineer or cloud security specialist within a security team, or as a solutions architect with significant experience of designing and securing cloud hosted solutions against real-world threats.
  • Cloud Security Policy Engineering and Testing - create cloud security policy, engineer it, test it and deploy it.
  • Cloud Security Policy Engineering Tools: skills with any combination of the following - Hashicorp Sentinel Language, Prisma Cloud Resource Query Language, CfnNag, CloudFormation Guard, Resource Query Language, Monitoring Query Language, Cloud Query Language.
  • Experience with engineering Security Solutions for Container Technology and micro services - Kubernetes (GKE, EKS or AKS), ECS or Fargate, Docker, ECR, GCR, etc.
  • Experience with CI/CD tools, Git, GitHub, branching frameworks, and integrating automated security tests with CI/CD pipelines, etc. Knowledge of common cloud connectivity methods and orchestration technologies.
  • Experience with Infrastructure as Code (IaC) and Policy as Code(PaC) - Terraform, CloudFormation, Deployment Manager, CfnNag, CloudFormation Guard, Cloud Query Language.

Education & certification:

  • Educated to degree level or equivalent or able to demonstrate a similar level of ability from industrial experience.
  • CISSP, CCSP, OSCP, SANS or equivalent.
  • Certification in one or more cloud vendor offerings such as AWS, GCP, Azure, OCI.

Please respond so we can set up an interview for you.

Don't delay - send your CV to gintare.butkute@darwinrecruitment.com, message me via LinkedIn or give me a call right away!

Kind regards,

Gintare Butkute | Delivery Consultant


+ 31 (0) 20 - 30 58557

Darwin Recruitment

Darwin Recruitment is acting as an Employment Business in relation to this vacancy.