Permanent Full Time role in Information Security.
Located in London - Hybrid.
Lead Cloud Security Engineer
Your new role at NewDay
As a Cloud Security Engineer, you’ll have the ability to play a major role in securing NewDay’s cloud infrastructure.
By helping to develop our cloud security roadmap and building automation and tooling you’ll enable our engineering teams to securely provision infrastructure, building security guardrails to ensure that security is embedded in infrastructure patterns by design.
The team is tasked with upholding the highest security standards for Cloud development, advancing the adoption of Compliance as Code, and proactively monitoring environments to enhance configurations and builds while identifying potential vulnerabilities or threats.
* Security Control Automation: Identify, design, deploy, and automate security measures in complex Cloud environments using tools like Bicep, Terraform, and Plum.
* Cloud Security Tooling: Develop and embed Cloud-native security solutions, leveraging experience in threat modelling and architectural reviews to strengthen security frameworks.
* Security Reviews: Provide advice and guidance, conduct reviews, and raise awareness on Cloud security for Engineering teams, ensuring adherence to standards such as PCI-DSS, & CIS benchmarks.
* Incident Response: Collaborate and support our Security Operations team to respond to major security incidents and threats.
* Support, Compliance, and Advocacy: Assist with risk and compliance initiatives, optimise Cloud costs, identify platform enhancements, and champion Cloud security across the organisation.
What you’ll bring
We need knowledge, experience + expertise in:
* 5 years experience in security engineering, cloud security or DevSecOps
* Hands-on experience building secure infrastructure using Infrastructure as Code
* At least one high-level programming language such as Python, C#, or Java
* Strong hands-on experience working with major cloud providers (Azure, AWS or GCP)
* Working knowledge of CI/CD such as GitHub Actions, AzureDevOps, Jenkins
And would love you to know or learn:
* Threat modelling of cloud infrastructure
* Securing and hardening CI/CD pipelines
* Pulumi, Terraform, or Bicep
* Compliance as Code tooling such as Azure Policy, AWS SCPs
* Understanding of PCI-DSS, and other security frameworks
About NewDay
We help people move forward with credit and help our colleagues to move their careers forward too.
At NewDay, we value all types of diversity. We’re an equal opportunity employer and believe that our differences create a vibrant, authentic working culture. We want all our colleagues to feel able to bring their whole selves to work.
We invest in our colleagues. On top of a strong market competitive salary, you get a bonus opportunity that matches the impact (delivery + values) you drive in your role. We also help you retire better with market leading pensions.
At NewDay, #yourwellbeing matters: You get 26 days holiday and can buy up to 5 more after probation. Then you’ll get extra days as you build your career with us.
Our tax efficient green car and cycle to work schemes save you money (and help the planet).
#J-18808-Ljbffr