Senior Cloud Security Engineer
London - Hybrid
New Day
At NewDay, our business is focused on a single, clear and defining purpose: to help people move forward with credit.Senior Cloud Security Engineer
Working at our iconic office in King’s Cross, London
Your new role at NewDay
As a Senior Cloud Security Engineer at NewDay, you will work with internal engineering teams, helping them implement DevSecOps practices. You will design, build, and deploy secure infrastructure using IaC tools. In addition, you will develop high-quality technical content such as reusable modules, templates, custom workflows, automation tools, reference architectures, and guidelines to create a paved security road for engineering teams. You will also solve security challenges and reduce bottlenecks, preventing faster deployments.
In 0-12 months you’ll deliver
- Security Control Automation: Design, deploy, and automate security measures in complex Cloud environments using tools like Bicep, Terraform, and Plum.
- Cloud Security Tooling: Develop and embed Cloud-native security solutions, leveraging experience in threat modelling and architectural reviews to strengthen security frameworks.
- Security Reviews: Offer guidance, conduct reviews, and raise awareness on Cloud security for Engineering teams, ensuring adherence to standards such as PCI-DSS, & CIS benchmarks.
- Incident Response: Collaborate with the Security Operations team to respond to major Cloud incidents and threats.
- Support, Compliance, and Advocacy: Assist with risk and compliance initiatives, optimise Cloud costs, identify platform enhancements, and champion Cloud security across the organisation.
What you’ll bring
We need knowledge, experience + expertise in:
-
5 years experience in security engineering, cloud security or DevSecOps
-
Hands-on experience building secure infrastructure using Infrastructure as Code
-
At least one high-level programming language such as Python, C#, or Java
-
Strong hands-on experience working with major cloud providers (Azure, AWS or GCP)
-
Working knowledge of CI/CD such as GitHub Actions, AzureDevOps, Jenkins
And would love you to know or learn:
-
Threat modelling of cloud infrastructure
-
Securing and hardening CI/CD pipelines
-
Pulumi, Terraform, or Bicep
-
Compliance as Code tooling such as Azure Policy, AWS SCPs
-
Understanding of PCI-DSS, and other security frameworks
Where next?
We encourage you to apply even if you feel that you don’t meet all the listed requirements and capabilities listed for the role. If you are passionate about the role
and feel that you can help us secure our cloud infrastructure we would love to hear from you.
In the NewDay Tech team, you’ll join an Expert or Leader career pathway. This will guide you on what your next step here could look like, with regular and open feedback to help you build capabilities to move forward.
About NewDay
We help people move forward with credit and help our colleagues to move their careers forward too.
We use our highly flexible, scalable, and multi-product digital credit engine to power over 120 million transactions every year. Our brands include Aqua, marbles, fluid and Bip. We partner with leading brands such as John Lewis, AO, Argos and DEKO.
Over 5 million UK customers are supported by our award-winning customer service.
At NewDay, we value all types of diversity. We’re an equal opportunity employer and believe that our differences create a vibrant, authentic working culture. We want all our colleagues to feel able to bring their whole selves to work. We don’t discriminate on the basis of age, physical or mental disability, gender reassignment, marriage and civil partnership, pregnancy and carer status, race (including colour, nationality, and ethnic or national origin), religion or belief, sex and sexual orientation. We make sure that every job is crafted to be inclusive and that people with disabilities or caring responsibilities can take part in the application and interview process. Tell us if you need accommodations: we’ll put reasonable adjustments in place to support you.
Our dynamic NewDay culture
We’re focused on what will drive impact in helping people move forward with credit. Our distinctive culture is geared to spark innovation and team working – with lots of open doors for development. Our customers can rely on us because we aim high, support each other, do the right thing and build for the future.
We invest in our colleagues. On top of a strong market competitive salary, you get a bonus opportunity that matches the impact (delivery + values) you drive in your role. We also help you retire better with market leading pensions.
At NewDay, #yourwellbeing matters: You get 26 days holiday and can buy up to 5 more after probation. Then you’ll get extra days as you build your career with us.
NewWork, our flexible, hybrid working approach, helps you to manage your work/life balance - and even bolt on work time in other countries before or after your holiday. And when you’re in the office, you get free healthy breakfast, fresh juices, lunch, barista coffee etc.
Our tax efficient green car and cycle to work schemes save you money (and help the planet).
Ask your Talent Acquisition Partner to tell you more about any of our perks.
We work with Textio to make our job design and hiring inclusive.
#LI-Hybrid
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure C CI/CD Cloud Compliance DevSecOps GCP GitHub Incident response Java Jenkins Python Terraform
Perks/benefits: Career development Competitive pay Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.