Look at the latest headlines and you will see something Ki insures. Think space shuttles, world tours, wind farms, and even footballers' legs.
Ki's mission is simple: digitally disrupt and revolutionise a 335‑year‑old market. Working with Google and UCL, Ki has created a platform that uses algorithms, machine learning and large language models to give insurance brokers quotes in seconds, rather than days.
Ki is proudly the biggest global algorithmic insurance carrier. It is the fastest growing syndicate in the Lloyd's of London market, and the first ever to make $100m in profit in three years.
Ki's teams have varied backgrounds and work together in an agile, cross‑functional way to create the very best experience for its customers. Ki has big ambitions but needs more excellent minds to challenge the status‑quo and help it reach new horizons.
Where you come in?
As a senior and highly experienced Cloud Security Engineer, you'll be working closely with engineering teams across Cloud Services, Infrastructure and Product to embed risk‑conscious technical security controls in our services, products and development workflows.
You will be responsible for designing, implementing and managing robust security measures across our cloud platforms. The role involves collaborating with cross‑functional teams to develop security strategies, automate security processes and proactively identify and mitigate potential threats. You will work on cloud‑native security tooling, automation, and leverage infrastructure‑as‑code.
This role is expected to use AI to build automation and agentic AI workflows responsibly, improving productivity while ensuring safe use, data protection and appropriate security controls.
What you will be doing
Cloud Security Architecture & Design
* Design and implement security architectures for cloud‑based systems, including GCP, Azure, AWS or hybrid environments
* Design secure cloud architectures for AI/LLM workloads and AI‑enabled services, including isolation patterns, secure networking and hardened runtime configurations
* Ensure the reproducibility of security configurations and infrastructure through infrastructure‑as‑code (IaC), specification‑driven development (SDD) and automated deployment pipelines
* Automate cloud security processes leveraging agentic AI harnesses
* Design and implement robust security measures across our cloud platforms
* Be opinionated regarding Ki's current architecture and suggest improvements
Security Governance & Policy
* Develop and enforce security policies, standards and guidelines for cloud services
* Ensure cloud environments meet regulatory and compliance requirements such as ISO 27001, SOC 2, SOX ITGC, NIST, GDPR, etc.
* Conduct and automate regular security assessments and audits
* Enable cloud security governance (Azure, GCP and AWS) with security monitoring, cloud security posture and vulnerability management
Incident Response & Monitoring
* Monitor cloud environments for security breaches and respond to incidents
* Conduct root‑cause analysis, create incident reports and implement remediation strategies
* Triage and prioritise mitigation of vulnerabilities according to our remediation policies
Identity & Access Management
* Manage and implement IAM policies, roles and permissions to enforce the principle of least privilege and zero‑trust
* Develop solutions for secure authentication and authorisation mechanisms
Data Security & Compliance
* Ensure data security and compliance through encryption, data masking and secure storage practices
* Implement DLP and data classification technologies
Security Automation & DevSecOps
* Develop automated security controls, processes and work with Terraform and Kubernetes
* Define secure‑by‑default automation patterns for AI‑enabled systems, including observability and policy‑as‑code controls
* Integrate security tools and technologies with CI/CD pipelines to enhance DevSecOps practices
* Automate your work by writing code and contributing to infrastructure and security tooling around our cloud platforms
Collaboration & Enablement
* Work closely with development, operations and product teams to integrate security into the system development lifecycle
* Mentor junior security engineers and provide guidance on cloud security best practices
* Provide guidance and hands‑on implementation advice in application security, aligning to industry best practices and frameworks
* Organise regular penetration tests and ad‑hoc security assessments
* Develop and optimise technical controls for platform integrations
* Diligently document your work and share knowledge with engineers
* Help facilitate and manage the Security Champions network across engineering teams
* Organise regular security training sessions
Requirements
A successful candidate will have:
* Extensive experience working with one of the major public cloud providers (preferably GCP and Azure) and understanding of network infrastructure
* Strong understanding of identity management, network security, firewalls, VPNs, IDS/IPS and WAFs
* Hands‑on scripting or programming experience with Python, Golang or similar languages, delivered services or automation into production
* Hands‑on experience with security tools such as SIEM, vulnerability scanners, EDR/XDR and cloud security posture management (CSPM) tools
* Understanding of the Kubernetes ecosystem and security considerations around it
* Experience with AI‑augmented development flows, and the ability to steer agents effectively for high‑quality outcomes that can be understood and explained
* Previous work with agile development teams
* Ability to troubleshoot and solve cloud‑related security issues independently
* Google Cloud Platform and Azure experience
* Experience with CNAPP and CSPM type tools like Wiz
* Experience with Kubernetes, Docker and container security
* Experience with infrastructure‑as‑code using Terraform / OpenTofu, HCL
* Experience with CI tools such as GitHub Actions, Azure DevOps, pipeline builds, release packaging and artefact management
* Enterprise‑wide agile methodologies and practices
Desirable Qualifications
* GCP Professional Cloud Security Engineer qualification desirable
* Experience or familiarity with securing LLM systems and AI agent harness and tool access patterns
#J-18808-Ljbffr