What Jobs are available for Cloud Security in London?

• Design, implement, and manage security controls and solutions for cloud environments (IaaS, PaaS, SaaS).
• Conduct regular security assessments, vulnerability scans, and penetration tests on cloud infrastructure.
• Develop and maintain cloud security policies, standards, and procedures.
• Monitor security alerts and events, investigating and responding to security incidents in a timely and effective manner.
• Collaborate with engineering and IT teams to ensure security is integrated into the cloud architecture and development lifecycle.
• Develop and deliver security awareness training to employees.
• Stay up-to-date with the latest cloud security threats, vulnerabilities, and best practices.
• Manage and configure cloud security tools, including SIEM, WAF, IDS/IPS, and endpoint security solutions.
• Ensure compliance with relevant regulatory requirements and industry standards (e.g., GDPR, ISO 27001).
• Participate in security incident response planning and execution.
• Evaluate and recommend new security technologies and solutions.
• Provide expert guidance and support to internal teams on cloud security matters.

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree is a plus.
• 5+ years of experience in information security, with a strong focus on cloud security.
• In-depth knowledge of cloud platforms such as AWS, Azure, and Google Cloud Platform.
• Experience with cloud security frameworks and best practices (e.g., CIS Benchmarks, NIST).
• Hands-on experience with security tools like SIEM, vulnerability scanners, IDS/IPS, and endpoint detection and response (EDR).
• Understanding of network security principles, cryptography, and identity and access management (IAM).
• Relevant security certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or Azure Security Engineer Associate.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills, with the ability to explain complex security concepts clearly.
• Ability to work independently and manage multiple priorities in a remote environment.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is beneficial.

• Develop, implement, and maintain security controls and architectures for cloud platforms (e.g., AWS, Azure, GCP).
• Conduct regular security assessments, vulnerability scans, and penetration testing of cloud infrastructure.
• Monitor security alerts and respond to security incidents, performing root cause analysis and implementing remediation actions.
• Define and enforce security policies, standards, and procedures for cloud environments.
• Collaborate with IT and development teams to ensure security is integrated into the cloud lifecycle.
• Manage cloud security tools, including identity and access management (IAM), encryption, and security monitoring solutions.
• Stay abreast of emerging cloud security threats, vulnerabilities, and best practices.
• Participate in security audits and ensure compliance with relevant regulations (e.g., GDPR, PCI DSS).
• Develop and deliver security awareness training to employees regarding cloud security.
• Contribute to the development of the overall information security strategy.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, with a strong focus on cloud security.
• Hands-on experience with security best practices for major cloud providers (AWS, Azure, GCP).
• Proficiency in cloud security tools and technologies, including IAM, SIEM, and vulnerability management.
• Understanding of security frameworks such as ISO 27001, NIST.
• Relevant security certifications (e.g., CISSP, CCSP, cloud provider security certifications) are highly desirable.
• Excellent analytical, problem-solving, and incident response skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to diverse audiences.
• Experience working within a hybrid work model.

• Design, implement, and maintain security controls and configurations for cloud infrastructure (AWS, Azure, GCP).
• Conduct regular security assessments, vulnerability scans, and penetration testing of cloud environments.
• Monitor cloud security logs and events, identifying potential threats and responding to security incidents in a timely manner.
• Develop and implement security policies, procedures, and guidelines for cloud usage.
• Collaborate with engineering and operations teams to ensure security best practices are integrated into cloud architectures and development lifecycles.
• Manage and configure cloud security tools, including firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.
• Perform threat modeling and risk assessments for cloud-based applications and services.
• Stay current with emerging cloud security threats, vulnerabilities, and best practices.
• Assist in developing and delivering security awareness training for employees.
• Contribute to incident response planning and execution for cloud-related security events.
• Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, GDPR, SOC 2).

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of 5 years of experience in information security, with a strong focus on cloud security.
• Hands-on experience securing major cloud platforms (AWS, Azure, GCP).
• Proficiency in cloud security tools and technologies (e.g., Security Groups, IAM, KMS, WAF, CloudTrail, Azure Security Center, Google Security Command Center).
• Strong understanding of network security principles, cryptography, and secure coding practices.
• Experience with SIEM platforms (e.g., Splunk, QRadar) and incident response procedures.
• Relevant security certifications such as CISSP, CCSP, AWS Certified Security - Specialty, or Azure Security Engineer Associate.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration abilities.
• Ability to work independently and manage priorities effectively in a remote setting.

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way.

We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.

Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together!

The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person.

Our Engineering Environment

Starling engineers are excited about helping us deliver new features, regardless of what their primary tech stack may be. Hear from the team in our latest blogs or our case studies with Women in Tech .

We are looking for engineers at all levels to join the team. We value people being engaged and caring about customers, caring about the code they write and the contribution they make to Starling. People with a broad ability to apply themselves to a multitude of problems and challenges, who can work across teams do great things here at Starling, to continue changing banking for good.

As a Cloud Security Engineer at Starling, you’ll be building and supporting tooling and  infrastructure that spans across AWS and GCP supporting our internal operations and interfacing with other teams to deliver the services that support our business.

Requirements

• Knowledge of Identity and Access Management
• Experience with certificate management
• Experience with Infrastructure as Code
• System architecture and design

What skills are desirable:

• Experience with ECS and/or Kubernetes
• Experience with developing clean and highly maintainable code (ideally in golang), creating and improving existing infrastructure services and tooling
• Knowledge about cryptography

Duties of the role will entail:

• Taking ownership of projects and ensuring timely delivery
• Keeping abreast of new technologies and changes in the industry
• Working with and review code from other teams

Team:

Are you looking to make a big impact in a small team? Join our Security Engineering team, a diverse and dynamic group passionate about building secure and resilient systems. We're enthusiastic about security, but we're not about rigid, one-size-fits-all controls. We believe in striking a balance between protecting our systems and empowering our developers to build and innovate. Our goal is to make security a seamless part of the development lifecycle, not a roadblock. If you are someone who thrives in a collaborative environment and is excited about finding innovative security solutions, we would love to hear from you.

Our process:

Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team:

• Initial phone call - ~45 minutes
• Take home technical test to be discussed in the technical interview - ~3 hours
• Technical interview - ~1.5 hours
• Final Interview - ~40 minutes

Benefits

• 25 days holiday (plus take your public holiday allowance whenever works best for you)
• An extra day’s holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary & group income protection
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

About Us:

You may be put off applying for a role because you don't tick every box. Forget that! While we can’t accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren’t sure if you're 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.

Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice.

By submitting your application, you agree that Starling may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.

• Design, implement, and manage security controls for cloud environments (AWS, Azure, GCP).
• Develop and enforce cloud security policies, standards, and best practices.
• Conduct regular security assessments, vulnerability scans, and penetration tests on cloud infrastructure and applications.
• Monitor security alerts and events, investigate potential breaches, and lead incident response efforts.
• Implement and manage identity and access management (IAM) solutions in the cloud.
• Develop and maintain security automation scripts and tools to enhance efficiency and effectiveness.
• Collaborate with development and operations teams to embed security into the CI/CD pipeline (DevSecOps).
• Stay current with the latest cloud security threats, vulnerabilities, and mitigation strategies.
• Provide security guidance and training to technical teams.
• Develop and maintain comprehensive security documentation, including architecture diagrams and procedures.
• Participate in security audits and compliance initiatives.

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 5+ years of experience in information security, with a significant focus on cloud security (AWS, Azure, GCP).
• Proven experience with cloud security best practices, frameworks (e.g., CIS Benchmarks, NIST), and tools.
• Strong understanding of network security, encryption, and secure coding principles.
• Experience with security monitoring and incident response tools (SIEM, SOAR).
• Proficiency in scripting languages (e.g., Python, Bash) for automation.
• Relevant security certifications such as CISSP, CCSP, AWS Certified Security - Specialty, or Azure Security Engineer Associate are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a remote team environment.

• Design, deploy, and manage comprehensive security solutions for cloud environments, including Identity and Access Management (IAM), network security, data protection, and threat detection.
• Develop and enforce cloud security policies, standards, and best practices.
• Conduct regular security assessments, audits, and penetration tests of cloud infrastructure.
• Implement and manage security automation tools and processes (e.g., Infrastructure as Code for security configurations).
• Respond to and investigate security incidents, providing timely resolution and post-incident analysis.
• Collaborate with development and operations teams to embed security into the CI/CD pipeline (DevSecOps).
• Stay informed about the latest cloud security threats, vulnerabilities, and emerging technologies.
• Ensure compliance with relevant industry regulations and standards (e.g., GDPR, ISO 27001, SOC 2).
• Develop and maintain security documentation, runbooks, and architectural diagrams.
• Provide technical leadership and guidance to other security team members and stakeholders.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field.
• Minimum of 6 years of experience in information security, with at least 4 years focused on cloud security.
• In-depth knowledge of security principles and best practices within major cloud platforms (AWS, Azure, GCP).
• Hands-on experience with cloud security tools such as security groups, WAFs, KMS, secrets management, and cloud-native security monitoring services.
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation.
• Experience with Infrastructure as Code tools (e.g., Terraform, CloudFormation).
• Relevant cloud security certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer are highly desirable.
• Strong understanding of network security, endpoint security, and data encryption.
• Excellent analytical, problem-solving, and incident response skills.
• Exceptional communication and collaboration skills, essential for a remote-first environment.

This is an excellent opportunity for Sr. Cloud Security Architect professionals to be part of leading-edge technology projects. Cognizant's Cloud, Infrastructure & Security Services Practice provides end-to-end solutions covering architecture, design, implementation, management, and on-going support across the entire enterprise technology infrastructure. Our services include a spectrum of management, consulting, and systems integration services to help our clients maximize value in their infrastructure resources, while optimizing infrastructure performance and cost.

Key Responsibilities:

• Design, implement, and maintain scalable security solutions using AWS services such as AWS WAF, AWS Shield Advanced, AWS Secrets Manager, AWS Inspector, AWS Macie, AWS GuardDuty, AWS Detective, AWS CloudTrail, and AWS Security Hub.
• Ensure cloud environments meet organizational and compliance security standards, Firewall Management
• Manage, configure, and troubleshoot Checkpoint Firewall to maintain network perimeter security and prevent unauthorized access, Infrastructure as Code (IaC)
• Develop and maintain IaC using AWS CloudFormation or Terraform for automated deployment, configuration management, and consistent infrastructure provisioning.
• Security Configuration and Optimization
• Configure and optimize security measures, including IAM policies, security groups, network access controls, and encryption protocols.
• Monitoring and Incident Response
• Monitor AWS security alerts and incidents using AWS tools.
• Respond to and mitigate threats in real-time, conducting post-incident analysis and documentation. Risk and Compliance Management
• Conduct regular security assessments and audits to ensure compliance with industry standards (ISO 27001, SOC 2, etc.).
• Develop strategies to address vulnerabilities and mitigate risks.
• Collaboration and Integration
• Work closely with IT and development teams to integrate security services into CI/CD pipelines and production environments.
• Partner with clients to understand their requirements and deliver customized cloud security solutions.
• Reporting and Documentation
• Create detailed reports on detected threats, incidents, and response activities.
• Maintain technical documentation, security best practices, and deployment guides.
• Mentorship and Knowledge Sharing
• Provide guidance and mentorship to team members on security best practices and implementation processes.
• Stay current with emerging threats, tools, and AWS updates.

Required Skills

• Strong hands-on experience with AWS security tools (AWS WAF, GuardDuty, Security Hub, etc.)
• Expertise in Checkpoint Firewall management and troubleshooting
• Proficiency in Infrastructure as Code (IaC) tools like AWS CloudFormation and Terraform
• In-depth knowledge of Identity and Access Management (IAM), VPC security, and encryption techniques
• Experience with network defense, vulnerability management, and incident response
• Familiarity with DevSecOps and integrating security within CI/CD pipelines
• Knowledge of threat detection, risk assessment, and security audit processes
• Excellent analytical, problem-solving, and communication skills

Preferred Skills:

• AWS Certified Security – Specialty or AWS Certified Solutions Architect
• Checkpoint Certified Security Expert (CCSE) or similar certification
• Experience with scripting (Python, PowerShell, or Bash)
• Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, PCI-DSS)

At Cognizant you will experience an exciting mix of innovation by design, creativity, collaboration, and efficiency within a framework of stimulating objectives and a passion for delivering the best to our customers.

You will be joining a network of some of the most creative, innovative, and dedicated people in the industry with ample opportunities to learn and develop your career.

Our Associates are chosen for their attitude, skills, knowledge, and enthusiasm but above all, their belief that anything is possible.

Cognizant is an equal opportunities employer, and we welcome all applications regardless of race, colour, gender, ethnic origin, nationality, religion or beliefs, disability, age, sexual orientation, political opinions, or trade union membership.

• Design, build, and maintain secure cloud infrastructure across AWS, Azure, and GCP.
• Develop and implement cloud security policies, standards, and procedures.
• Conduct security assessments, threat modeling, and penetration testing.
• Implement and manage identity and access management (IAM) controls.
• Ensure data security through encryption, key management, and data loss prevention (DLP) strategies.
• Oversee security monitoring, logging, and incident response for cloud environments.
• Collaborate with development and operations teams to integrate security into CI/CD pipelines (DevSecOps).
• Stay current with emerging cloud security threats and vulnerabilities, recommending appropriate countermeasures.
• Mentor junior security team members and contribute to security awareness training.
• Ensure compliance with relevant industry regulations and standards (e.g., ISO 27001, SOC 2).

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 7 years of experience in information security, with at least 4 years focused on cloud security.
• Extensive experience with major cloud providers (AWS, Azure, GCP) and their security services.
• Strong knowledge of security frameworks, such as NIST, ISO 27001, and CIS Benchmarks.
• Proficiency in scripting languages (e.g., Python, Bash) for automation.
• Experience with container security (Docker, Kubernetes) and IaC security.
• Excellent understanding of networking, operating systems, and application security.
• Relevant certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or Azure Security Engineer are highly desirable.
• Strong analytical, problem-solving, and communication skills.