About the opportunity Are you passionate about cybersecurity and eager to make a real impact in a dynamic environment? Look no further! We…
Senior Cloud Security Engineer (London, Bracknell or Bristol)
We are HealthHero, Europe’s largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe — giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Senior Cloud Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent – based in either our London or Bristol office two days per week.
About the role
This role will form a fundamental part of a growing Platform Security function, where the team covers application security, cloud security, security operations, culture and risk management. As a tech-centric organisation the Information Security team will play a critical part in embedding a security-first mindset into application development and continuous application monitoring. This role will co-own the cloud security posture and tooling across HealthHero’s AWS and Azure estates and have the opportunity to tackle cloud security with an international scope. The role will be supported by a multidisciplinary force of Infrastructure, Data Governance and Engineering team leads with a security focus as part of their remit. The role has a focus on infrastructure and cloud networking when it comes to security posture.
As an experienced Cloud Security Engineer, your working day will include but not be limited to:
DevSecOps & SDLC
Champion integration of security testing into CI/CD pipelines across all development teams and usage of automated security gates: SAST, DAST, dependency scanning, secrets detection
Enable self-serve security tooling for development teams
Ability to set up development environment
Cloud Security
Own cloud security posture management using Wiz (or similar CSPM) Define and enforce cloud security baselines, guardrails, and policies in AWS
Implement and maintain IaC security scanning for Terraform
Manage IAM policies, network segmentation, and secrets management
Configure and tune SIEM (or similar) for cloud-focused detection
Establish logging, monitoring, and alerting requirements based on threat modelling
Investigate and respond to cloud security events
Risk & Compliance
Identify, articulate, and escalate security risks to senior leadership with mitigation plans
Track and remediate vulnerabilities across infrastructure
Manage customer initiatives related to due diligence when required to
Support and develop annual programme of Penetration Testing and associated remediations
Stakeholder Engagement
Partner with internal and stakeholder management to support any requirements from the security function - particularly governance and accreditation requirements across different countries
Provide expertise on emerging threats and vulnerabilities
Support response to customer/client due diligence requests with timely and accurate information regarding vulnerability exposure
Key Skills and Experience
Essential
Proven experience in application security, DevSecOps, or cloud security
Strong understanding of cloud networking
Experience securing cloud environments (AWS, Azure)
Ability to read and write IAC (Terraform) code, comfortable with IAC lifecycles
Familiarity with container security and Kubernetes
Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management
Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis
Understanding of managing Secure Development Lifecycle and Vulnerability Management.
Understanding and practical experience of ISO27001:2022 controls and audit processes
Desirable
AWS Security Specialty or similar certification
Experience in regulated environments (healthcare, financial services)
Familiarity with NHS DSPT
Technical knowledge of GDPR and data protection requirements
Hands-on with CI/CD security tooling and pipeline integration
Interest in learning other countries health and security regulations (France / UK / IR / DE)
Neutral 2–4 sentence summary of what working at this company is like, drawn from public reviews and press coverage. Tone, collaboration style, pace, benefits highlights.
£45,000 – £60,000 (Glassdoor, Levels.fyi, 2025)
About the opportunity Are you passionate about cybersecurity and eager to make a real impact in a dynamic environment? Look no further! We…
About the opportunity Are you passionate about cybersecurity and eager to make a real impact in a dynamic environment? Look no further! We…
Who we are At Twilio, we’re shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hu…
Working at CreateFuture CreateFuture is an AI-native consulting partner where people do work that matters and are supported to do it well. W…
hackajob is collaborating with Made Tech to connect them with exceptional professionals for this role. About Made Tech At Made Tech we want…
About Made Tech At Made Tech we want to positively impact the future of the country by using technology to improve society, for everyone. We…