Lead Security Engineer

Location: Hybrid / 2-3 days a week on site in London

Type: Permanent, Full-Time

We are looking for an experienced Lead Cloud Security Engineer to lead the design, implementation, and continual improvement of cloud security capabilities within a highly regulated environment.

This role is critical in ensuring that our cloud platforms are secure, resilient, and compliant with regulatory expectations. You will provide technical leadership across cloud security architecture, engineering, governance, and operational security, working closely with Cyber Security, Enterprise Architecture, Risk, Compliance, Infrastructure, and Development teams.

As a subject matter expert, you will play a key role in enabling secure cloud adoption while ensuring compliance with industry regulations, security standards, and resilience requirements.

• Lead the development and execution of the organisation’s cloud security strategy and roadmap.
• Design and implement security controls across cloud platforms, ensuring security‑by‑design principles are embedded throughout the lifecycle.
• Provide technical leadership and direction for cloud security initiatives and programmes.
• Act as the senior cloud security SME for major transformation and migration projects.

• Ensure cloud environments align with regulatory and compliance requirements including:
• FCA and PRA requirements
• GDPR and UK Data Protection Act
• ISO 27001
• NIST Cybersecurity Framework
• CIS Controls and Benchmarks
• DORA (Digital Operational Resilience Act)
• Industry‑specific security obligations
• Support internal and external audits, regulatory reviews, and assurance activities.
• Develop cloud security standards, patterns, policies, and control frameworks.
• Conduct cloud security risk assessments and threat modelling exercises.
• Identify security risks and develop mitigation strategies aligned to enterprise risk appetite.
• Support operational resilience and business continuity objectives.
• Contribute to cyber resilience testing, disaster recovery planning, and incident response exercises.

• Lead implementation of cloud‑native security controls, monitoring, and threat detection capabilities.
• Work closely with Security Operations teams to improve visibility, detection, and response within cloud environments.
• Oversee cloud vulnerability management, secure configuration management, and remediation programmes.
• Drive automation of security controls through Infrastructure as Code and Dev Sec Ops  practices.

• Partner with Risk, Compliance, Legal, Audit, Technology, and business stakeholders to ensure security requirements are effectively understood and implemented.
• Provide clear security guidance to senior leadership and project teams.
• Mentor and develop engineers, architects, and security practitioners across the organisation.
• Significant experience in Cloud Security Engineering, Security Architecture, or Cyber Security leadership roles.
• Proven experience operating within a regulated industry such as:
• Banking
• Insurance
• Utilities
• Government/Public Sector
• Critical National Infrastructure
• Strong expertise across Azure, AWS, or multi‑cloud environments.
• Experience implementing cloud security controls aligned to recognised frameworks and regulatory requirements.
• Deep understanding of:
• Identity and Access Management (IAM)
• Zero Trust principles
• Data Protection and Encryption
• Network Security
• Cloud Security Posture Management (CSPM)
• Security Information and Event Management (SIEM)
• Threat Detection and Incident Response
• Experience with Infrastructure as Code and automation tools such as Terraform, Bicep, Cloud Formation, or similar.
• Experience securing container and Kubernetes‑based environments.
• Strong stakeholder management and communication skills.
• Demonstrable experience leading technical teams and influencing strategic outcomes.
• Experience engaging with regulators, auditors, and external assurance providers.
• Experience implementing operational resilience and security control frameworks in cloud environments.
• Knowledge of third‑party risk management and supply chain security.
• Experience with Microsoft Defender Suite, Microsoft Sentinel, Wiz, Prisma Cloud, Lacework, or similar technologies.

One or more of the following would be advantageous:

• CISSP
• CCSP
• CISM
• AZ-500 Microsoft Azure Security Engineer
• Microsoft Cybersecurity Architect Expert
• AWS Security Specialty
• Certified Cloud Security Professional (CCSP)
• SABSA or TOGAF

• Competitive salary and annual bonus
• Hybrid and flexible working arrangements
• Pension and healthcare benefits
• Professional development and certification support
  
  Opportunities to work on large‑scale cloud transformation and resilience programmes
• A key role in shaping the future security posture of a highly regulated organisation