The Lead Security Engineer (Cloud) -will drive the design and evolution of secure, scalable, and cost-efficient cybersecurity solutions that safeguard enterprise operations. Operating within the Security Engineering job cluster, this role focuses on protecting systems, data, and identities through secure design, robust controls, proactive detection, and rapid response. The Lead Security Engineer (Cloud) defines and implements security architecture frameworks and engineering standards, embedding automation and controls that ensure regulatory compliance and secure-by-design delivery. This role partners closely with Information Security, Application, Data, and Infrastructure teams to embed security by design, enhance resilience, and advance the organizations cybersecurity maturity.

Summary :

- Ensure all cybersecurity engineering initiatives and controls are aligned with the organizations Information Security Governance framework, as defined and directed by the InfoSec team.

- Define, implement, and evolve cybersecurity architecture for enterprise systems, ensuring solutions are secure, scalable, and operationally effective.

- Drive the adoption of advanced security technologies and modern infrastructure practices to enhance protection, scalability, and operational efficiency.

- Collaborate with global and local teams to ensure seamless integration of security solutions and uphold operational excellence across distributed environments.

Years of experience required :

10+ years in cybersecurity and security engineering, with at least 5 years in senior or lead security engineering and architecture roles.

Key Responsibilities & Accountabilities :

- Define and implement cybersecurity architecture frameworks for hybrid and multi-cloud environments (AWS, Azure, GCP), ensuring scalability, security, and operational efficiency.

- Implement security controls and compliance requirements for regulated environments, ensuring secure deployment patterns and measurable risk reduction.

- Collaborate with cross-functional teams including Application, Data, and Network Engineering to ensure interoperability, performance optimization, and Zero Trust principles.

- Evaluate emerging security technologies and recommend adoption strategies to strengthen agility and resilience.

- Develop risk mitigation strategies and continuously monitor the organizations security posture and threat landscape including hands-on involvement in threat modelling, control validation, and incident response support.

- Produce and maintain reference architectures, design patterns, and best practices for enterprise security programs.

- Provide technical leadership and mentorship to engineering and operations teams, fostering a culture of security, automation, and continuous improvement.

- Support disaster recovery and business continuity planning, ensuring compliance with regulatory and enterprise standards.

- Leverage platform security tools such as Microsoft Defender, email gateway solutions (e.g., Mimecast), MDR platforms (e.g., Hunters), patch management services, incident response tools, and data governance platforms (e.g., Varonis).

- Ensure adherence to company policies, regulatory requirements, and mandatory training programs.

Functional & Behavioral Competencies required :

Must-Have Skills :

- Expertise in major security platforms and tools such as SIEM, IDS/IPS, and DLP.

- Strong knowledge of containerization technologies such as Docker and Kubernetes and serverless architectures.

- Proficiency in Infrastructure as Code frameworks such as Terraform and CloudFormation for secure deployments.

- Deep understanding of cybersecurity frameworks and compliance standards such as ISO 27001, SOC 2, GDPR.

- Experience with CI/CD pipelines and DevOps practices to enable secure automation.

- Strong understanding of identity and access security (Entra ID / IAM), privileged access management, and Zero Trust architectures.

Good-to-Have Skills :

- Familiarity with cloud security services such as AWS Security Hub or Azure Security Center

- Knowledge of vulnerability management tools such as Qualys or Tenable

- Understanding of identity and access management (IAM) solutions such as Okta

Functional Skills :

- Technical Leadership : Drives secure architecture and engineering decisions that balance risk, resilience, and delivery velocity. Stakeholder Engagement : Communicates complex security concepts clearly to technical and business audiences.

- Cross-Functional Collaboration : Leads diverse teams and manages vendor relationships to deliver secure, compliant solutions.

- Analytical Mindset : Applies structured thinking to risk mitigation and performance optimization.

- Domain Awareness : Insurance industry experience is an advantage, particularly in navigating regulatory requirements.

- Global Collaboration : Flexibility to work in UK shifts to enable effective engagement with global teams.

Required Qualifications / Certifications :

- Bachelors degree in computer science, Engineering, or related field.

- Certifications such as CISSP/CISM , / Azure Security Engineer CCSP or Google Professional Cybersecurity Lead are good to have.