Senior Cloud Security Engineer

We are looking to hire a Senior Cloud Security Engineer to join the Technology Team and Data Team, this role will report to our newly appointed Director of Information Security. This role is needed to support the implementation of our new security strategy and support the building of a secure cloud platform. You’ll have key relationships with various people across our Security, Tech Ops and Engineering Teams.

This opportunity would suit someone who is looking to take on more ownership in their role, maximise the value provided by our tools and shape the way we work in this newly formed team within Technology and Data.

At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke.  We’re looking for people to join us on our journey. If you’re looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we’re keen to speak with you. 

What you’ll be doing:

This role will help us mature our cloud security through enhancing and automating various security controls and working . In this role, you will:

• Work with the cloud team and provide expert advice on securing our use of Azure cloud services, Kubernetes and containers In particular, provide guidance and a level of oversight for Azure network security and Key Vault
• Encourage a ‘shift-left’ approach to security
• Oversee and support the operation of Microsoft Defender for Cloud
• Develop and get wider buy-in for security policy as code (using OPA or similar)
• Assist with securing our Data Platform, including our use of Databricks, Dagster and Snowflake along with our in-house developed applications and CI/CD pipeline
• Leverage in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
• Build and operate SOAR capabilities (using Azure Logic Apps)
• Mature our use of and support the operation of Entra ID (previously AAD) for IAM, Identity Governance and Privileged Identity Management
• Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
• Document security processes and security tool low-level design/configuration
• Contribute to the development of security service delivery and operation documentation
• Assist tech teams with integrating their systems and services with security services and tools
• Support the security and application security engineers and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and threat modelling activities

What you won’t be doing:

• Working in a siloed environment with no freedom to make decisions.
• Working in an environment where you can’t see the impact your expertise makes.

The environment

We’re an agile team who work in short, product focused development cycles, solving complex technology problems in collaboration with a ground-breaking team of Behavioural Scientists, Epidemiologists, Clinical Operations specialists, and Ethicists. We’ve come from start-ups, tech companies, universities, the NHS and health charities. Together we’re experienced in building and scaling big consumer products, working with different kinds of health data.

Requirements

We absolutely welcome applicants who don't think they meet all the criteria below or who have a non-traditional security background. However please bear in mind that this is a highly hands-on role and scripting skills are essential.

• Proficient in writing Terraform, KQL and ideally Python and PowerShell
• Significant hands-on experience with Microsoft Sentinel
• Significant hands-on experience with Microsoft’s Defender suite, in particular Defender for Cloud
• Experience of securing Azure and Azure security services (e.g. Key Vault, NSGs, WAF, etc.)
• Experience of securing Kubernetes (ideally AKS) and container security
• Experience with Microsoft Entra ID (previously AAD), including the Identity Governance capabilities
• Experience of SOAR tooling, automating security capabilities and operations and security/policy as code (e.g. with OPA, Azure Policy, etc.)
• Ideally experience of securing Github and Github actions (or similar)
• Ideally experience in securing data platforms (e.g. Databricks, Dagster, Snowflake)
• Experience in Threat Modelling
• Exposure to Agile working and DevSecOps
• Knowledge of ISO 27001
• Desire to be part of a small fast-paced team
• Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, ISC2 CCSP

Benefits

• Salary range -£65,000 - £80,000
• Generous company pension package with employer contributions of up to 12%
• 30 days annual leave (plus bank holidays.)
• Continuous career development with regular appraisals and learning and development opportunities.
• A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.

Join us - let’s prevent disease together.