Cloud Platform Security Engineer Software engineering

The role

You will evolve ’s security posture across our multi-cloud environments and SIEM platform. This role sits at the intersection of cloud security engineering and detection capability — responsible for both hardening the infrastructure we operate on and ensuring we can see what's happening across it.

You will lead security integration projects, guide cloud engineering teams, and drive continuous improvement across monitoring and detection, including applying AI to accelerate security operations.

This is not a tool-monitoring role. You are here to architect secure cloud environments, build and enhance detection logic at scale, and drive measurable improvements to our security baseline across AWS, Azure, and GCP.

You will partner closely with Engineering, GRC, Technology Risk and Security Operations - defining standards, fine tuning the SIEM, and progressively taking on the most complex cloud security and detection engineering challenges across the organisation.

Cloud Security

• Secure and continuously improve our multi-cloud estate (AWS, Azure, GCP) using cloud native tooling to keep our cloud infrastructure hardened and compliant
• Partner with Engineering and Security Operation team to make security a natural part of how we design and deliver, automating compliance checks so security scales without friction
• Defining and enforcing cloud security architecture standards, guardrails, and policy-as-code inline with industry best practices including NIST, CIS, and PCI DSS.
• Use Wiz or equivalent CNAPP/CSPM to continuously assess, prioritise, and drive remediation of misconfigurations and vulnerabilities against CIS, NIST, and PCI DSS benchmarks.

Security Monitoring

• Fine tune, and maintain modern SIEM platform (e.g. Sentinel) including KQL detection rules, workbooks, logging pipelines, and AI-assisted alert triage.
• Map detection coverage against MITRE ATT&CK tactics and techniques. Identify and close visibility gaps across the cloud estate.
• Maintain alignment to PCI DSS, SOC2, ISO
  27001 NIST, and CIS frameworks. Produce documentation and evidence to support audit and assurance activities.

AI Security

• Design and implement guardrails for AI/LLM systems, covering data exposure, prompt injection, and model misuse risks.
• Leverage AI and automation to enhance alert investigation, enrichment, and response workflows.
• Maintain technical policies and standards for the secure use of AI tools across the organisation.

• 6+ years of hands‑on experience securing AWS, Azure, and GCP environments, including Azure Policy, IAM, Infrastructure‑as‑code (IAC) security or other cloud native tooling.
• Experience with security tools:
  Microsoft Sentinel, Sentinel One, Netskope, Flashpoint, Wiz or similar tooling.
• Strong Microsoft Sentinel expertise: KQL, detection rules, workbooks, and logging pipelines.
• Working knowledge of DLP and threat intelligence monitoring.
• Experience applying AI/ML to security workflows – automated triage, behavioural analytics, or LLM‑assisted investigation.
• Understanding of AI security risks and frameworks: OWASP LLM Top 10, NIST AI RMF.
• Scripting proficiency in Python, Power Shell, or Bash for security automation.
• Strong grasp of PCI DSS, NIST CSF, SOC 2, ISO
  27001, CIS Benchmarks, and MITRE ATT&CK for Cloud.

• AZ-500, AWS Certified Security – Specialty, or equivalent cloud security certification.
• Experience integrating ATT&CK Navigator into SOC workflows.