Cloud Security Engineer - full remote working
Launched in 1998, this pioneering British-born brand has specialised in creating amazing experiences and unforgettable memories - from hotels, city breaks and holidays to theatre, entertainment and spa days. Experts in brightening up online travel, lastminute.com is among the worldwide leaders in the field, helping hundreds of thousands of customers every year find, and do, "whatever makes them pink".
lastminute.com is the European Travel-Tech leader in the dynamic holiday packages business, uniquely positioned to drive innovation-led growth. More than 1,700 employees spread across our offices worldwide develop our own products and services to power the entire traveller journey for millions of people.
At the heart of our culture is a commitment of inclusion across race, gender, age sexual orientation, religion, gender identity or expression and accessibility. We strongly believe in an equal opportunity space, which is welcoming and celebrates the uniqueness of everyone who works here. We value different lived experiences and respect viewpoints, as we know unicity drives innovation. We want to make sure our people reflect the communities across the world we help travel.
lastminute.com is looking for an experienced and highly motivated Cloud Security Engineer to join our growing IT Security Team with a particular focus on the AWS company's cloud infrastructure.
For lastminute.com Privacy and Cyber Security are not only a need but a fundamental pillar of the relationship with our customers, as clearly stated in our ESG principles.
With this approach, the ideal candidate is passionate about cybersecurity and constantly looking for a new ways to improve it. He/she has excellent communication and organizational skills and ideally has previous experience in managing complex projects at the international level.
Reporting directly to Chief IT Security Engineer, the Cloud Security Engineer is responsible for defining, implementing, and developing security solutions related to Cloud infrastructures to create and maintain the safest operating environment.
The ideal candidate is in charge of ensuring our Cloud architecture, Systems and Software are designed and implemented with a Security by Design approach to reach the highest security standards. He/she will perform technical security assessments, configuration audits, code reviews and vulnerability testing to highlight risks, supporting lastminute.com tech department in discovering security issues and preserving international security certifications.
- Identify and engineer technical solutions to work towards a secure-by-default by switching toward a defensive mindset
- Define Cloud Governance and Controls Framework guidelines to deploy a secure cloud infrastructure in AWS, Azure or GCP
- Work with Site Reliability Engineer team to implement and secure cloud infrastructure
- Be a driving element and enable greater cooperation between product teams, cybersecurity and compliance functions; helping quantify the risk, define relevant control objectives and activities to of securing cloud workloads.
- Perform technical security assessments, code audits, and design reviews.
- Communicate and influence Product teams on assessment outcomes.
- Produce metrics and insights to help monitor vulnerability management strategy and programs.
- Enable better security decisions with actionable and relevant threat intelligence.
- Provide security guidance to the tech organization.
- Work with strategic/technology partners and other stakeholders.
Minimum 3y experience in a similar role
Cloud automation with Terraform
Security Network architecture
AWS Security Hub
Audit processes for cloud infrastructure
Application Security and DevSecOps
Coding and Scripting experience
AWS Security Certification
Incident Response Best Practices
Experience with attacks and mitigation methods
Solid project management experience in security complex projects, including defining scope, setting project timelines and milestones, driving team and deliverables, identifying risks, and managing issues.
Ability to work collaboratively and independently while managing multiple projects, assignments, and/or responsibilities
By joining our company, you will have the chance to:
- Join a dynamic team in an inclusive-international environment
- Grow thanks to the career journey and our internal mobility perspective
- Manage your own schedule thanks to the flexible start and end of the working day
- Work a shorter working week (36h), of which 4 hours on Friday morning
- Get focus time for learning, development and deep work on Friday mornings
- Work partially or fully remote according to local laws
- Enjoy continuous training thanks to our company platform
- Benefit from employee discounts on travel
- Receive 2 days off per year for the purpose of volunteering
- Get free snacks / fruit / hot drinks / water / beverages at our offices
- Participate in amazing winter and summer corporate events
- Benefit from extended parental or marriage leave
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Automation AWS Azure Cloud Compliance DevSecOps GCP Governance Incident response Privacy Scripting Security assessment Strategy Terraform Threat intelligence Vulnerability management
More jobs like this
Egham - Tamesis Egham - Tamesis Full TimeSenior Senior-levelUSD 42K - 78K * USD 42K+ *
Sr. Director Analyst – Cloud and Network Security, Emerging Technologies and Trends (REMOTE - UK)Application security AWS Azure CCSP CEH CISSP +7
Career development Conferences Startup environment Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs