Cloud Security Engineer

Salary: £53.8k - £64.6k per annum (Dependent on skills & qualifications)

Perks & Benefits: Competitive pension scheme - Enhanced maternity/paternity pay - Life assurance - HolidayPlus - Cycle2work Scheme & more

Reference: REQ4483

We are looking for….

We are looking for a Cloud Security Engineer to join us and ensure our IT and OT networks are secure and compliant. You will act as an SGN Security subject matter expert and act as the primary contact when assisting with Cloud Security configuration items and incident remediation.

We deliver safety, warmth, and comfort to homes and businesses across the community. Whether you're supporting from the office or working on the front line, every role plays a part.

How you’ll support us on our mission to keep people safe and warm…

• Providing support to different Security functions, including OT Security, Governance Risk and Compliance, Security Assurance and other key business needs
• Ensuring security metrics are well documented and presented at monthly reviews
• Being a subject matter expert and remaining up to date on cutting-edge technology, providing technical/nontechnical security support to the wider SGN Security team and organisation
• Working alongside third-party network vendors, coordinating security activities
• Support with varied tasks, including internal and external audits, penetration testing activities and input into Incident & Lessons Learnt calls to identify solutions
• Ensuring security policies are enforced and completing routine technical vulnerability assessments, working with IT Security Leads to propose and coordinate delivery of mitigating actions and required solutions
• Attend head office in Portsmouth at least once a quarter

What you’ll need

We’re looking for a blend of skills and attributes that make you a great fit for this role. If you don’t tick every box, don’t worry - we provide tailored learning and development programs to help you grow and succeed with us.

• You hold a degree or equivalent career experience in a relevant discipline
• You have good understanding and experience of Cyber Security Frameworks and standards (NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc)
• Cloud Platforms**: Proficiency in AWS and Azure, including core services like computing, storage, networking, and databases.
• Familiarity with cloud-native security tools such as AWS GuardDuty, Azure Security Center, and Google Cloud Security Command Center.
• Understanding of networking concepts, virtualization, and cloud infrastructure.
• Skills in handling security incidents, including detection, analysis, and response.
• Proficiency in scripting languages like Python, PowerShell, and Bash.
• Ability to analyse and utilize threat intelligence to enhance security measures.
• Experience with security tools and technologies such as firewalls, WAF's, intrusion detection/prevention systems, and vulnerability scanners.
• Conducting regular security audits and vulnerability assessments
• Familiar with implementing and managing IAM policies to control access to cloud resources.
• Proficient in identifying, assessing, and mitigating risks in the cloud environment.
• Experience with monitoring tools like AWS CloudWatch, Azure Monitor, and log analysis.
• You have great attention to detail, a confident communicator across various business levels and decision-maker when required

Preferred Certifications

• AWS Certified Solutions Architect - Professional
• Microsoft Certified: Azure Security Engineer Associate
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• SC clearance

Soft Skills

• Analytical Thinking: Ability to analyse complex security data and identify potential threats.
• Problem-Solving: Strong problem-solving skills to address security challenges effectively.
• Communication: Clear and concise communication skills to report security incidents and collaborate with other teams.
• Team Collaboration: Working well within a team and collaborating with other departments to ensure a secure cloud environment.
• Continuous Learning: Staying updated with the latest security trends, threats, and technologies.