Cloud & Platforms Security Engineer
London, United Kingdom
LegalAndGeneralLegal & General are a leading UK financial services provider, offering life insurance, pensions, retirement and investment services. Get a quote today.
The world of investment is changing. Our vision at Legal & General Investment Management is to create a better, more sustainable future through responsible investing. We work in partnership with our clients around the globe to deliver positive long-term outcomes, while rising to the challenges of a rapidly changing world. Our clients include institutional pension funds, financial institutions, local authorities and sovereign wealth funds. To meet our clients’ complex and evolving investment needs, our investment strategies cover a broad array of asset classes and styles, including equities, bonds, property and alternatives, as well as multi-asset funds. We’re focused on continuously innovating our investment products, maintaining our reputation as experts across all asset classes, and striving to build a more responsible and sustainable future.
The Cloud and Platform Security Engineer plays a crucial role in ensuring the security and compliance of our cloud-based and container platform infrastructure. The role holder will be responsible for designing, implementing, and maintaining security measures across the Legal & General Investment Management business. The Cloud and Platform Security Engineer will work closely with cross-functional teams, including developers, site reliability engineers, system administrators, and IT operations. This role requires a deep understanding of cloud security best practices, DevOps principles, and a proactive approach to identifying and mitigating security risks.
- Govern compliance with security strategies and best practices for cloud and platform environments (e.g. NIST SP 800, Kubernetes CIS)
- Oversee the implementation of security controls, policies, and procedures for AWS and OpenShift environments, ensuring a secure foundation for all services
- Lead the identification, assessment of vulnerabilities in cloud and platform services and facilitate the prioritisation of activities with the respective engineering teams
- Conduct regular security assessments, penetration testing, and vulnerability scanning to identify and address security risks
- Collaborate closely with cross-functional teams, including Platform Teams, Site Reliability Engineers, IT Operations, and development teams, to ensure security is integrated throughout the development and deployment lifecycle
- Work with the LGIM Application Security Function to optimise security rules, testing and auditing to prevent IaC regression and stop misconfigurations from reaching production environments
- Produce regular progress update reports and present findings and recommendations to senior management for consideration
- Ensure alignment to L&G’s Code of Conduct and proactively assess if behavioural rules and culture related to risk management are demonstrated by members of the LGIM Technology function
- Bachelor’s degree or equivalent experience in computer science, IT engineering, or related field
- A master’s degree in Information / Cyber Security would be an advantage
- Relevant AWS or Information Security industry certification (CISA, CISSP, CISM or equivalent) strongly preferred
- Strong knowledge of security best practices, compliance standards, and industry regulations
- Proficiency in scripting and automation
- Excellent communication and leadership skills.
- Proven experience in AWS cloud security and DevOps security practices
- Practical knowledge of AWS services and security tools
- Hands-on experience with DevOps tools like GitHub, Jenkins, Kubernetes
- Familiarity with security frameworks such as CIS, NIST, and ISO 27001
- Experience with security monitoring tools
- Cross cultural sensitivity and flexibility
- Ability to interact with senior security stakeholders and report on programme effectiveness
When you commit to Legal & General, we’ll commit to you too. That means we’ll recognise and reward your hard work, your performance and your contribution.
If you join us, you’ll get access to some great benefits, including private medical insurance, at least 25 days holiday (excluding bank holidays), a generous pension scheme, life assurance, and Income Protection. You can participate in our electric car scheme, which offers employees the option to hire a brand new electric car through tax efficient salary sacrifice. We’re also proud to offer competitive family leave.
You’ll have the opportunity to participate in our annual, performance-related bonus plan and valuable share schemes. And then there are the many discounts we offer that you can take advantage of – both for our own products and at a range of high street stores and online offerings.
The brand with the brolly is choosing today to change tomorrow.
Since 1836, we’ve grown to become one of the world's largest asset managers, homebuilders, pension providers and insurance brands.
We’re all here to improve the lives of our customers, build a better society for the long term, and create value for our shareholders - helping to shape a better future for society and the planet.
We need people who share our ambitions, agility and entrepreneurial spirit to help us do it.
At L&G, you’ll find a balance that helps you be your best. Empowered by hybrid working, we’re supported by technology and workplaces that enable us to work effectively wherever we are. We come together in offices to collaborate and connect, and use time at home for individual, focused activities. And, when we achieve great things, we celebrate our success and reward strong performance.
Today, there’s over 10,000 of us, working towards our mission, with plenty of opportunities to grow your career as we grow L&G. Will you join us?
Great minds don’t have to think alike, so we welcome voices from all backgrounds. Bringing together people with different life experiences helps us build empathy with our customers and drive innovation.
We don’t just talk about it, we actively promote diversity and equitable opportunities for all. That means our employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability or protected veteran status. In fact, we embrace every dimension of diversity to reflect the customers and communities we serve.
We think it’s important to create an inclusive environment where we can all belong, contribute and drive progress, where you can develop and grow, and be empowered. We want you to use your voice to help us build a better tomorrow.
We all work differently, and have different needs, which is why. we’re always open to discussing flexible working arrangements. Likewise, we’re committed to finding reasonable accommodations for candidates with specific needs during our recruiting process.
So whoever you are, wherever you are, whatever your story, we'd love to hear from you.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Automation AWS CISA CISM CISSP Cloud Compliance Computer Science DevOps GitHub ISO 27001 Kubernetes Monitoring NIST Pentesting Risk management Scripting Security assessment Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Chief Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Senior Security Architect jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs