Shape the Future of Cloud Security at Tesco Mobile Tesco Mobile is the UK’s largest virtual mobile network — powered by O2 and backed by the strength of Tesco. We’re known for doing things differently: award‑winning customer satisfaction, a collaborative culture, and innovative digital experiences for over five million customers. As a Cloud Security Engineer within the Run & Operate Chapter, you’ll join our DevSecOps Squad, working alongside DevOps engineers, platform specialists, and the Cyber Security Team. Your mission: to secure and optimise our cloud platforms across Azure and AWS, embedding robust security practices into everything we build and operate. This is a hands-on role where you’ll define cloud security standards, drive improvements, validate infrastructure changes, and strengthen our detection and response capabilities. Your work will directly influence how we protect our services, customers, and engineering systems. You will play a key role in securing and maturing Tesco Mobile’s cloud environments (Azure and AWS): Define, maintain, and evolve cloud infrastructure security standards across AWS and Azure Act as a subject-matter expert on cloud and infrastructure security Lead and deliver cloud security improvement initiatives and posture management work Operational Cloud Security Use services like Azure Security Center/Security Hub and AWS Security Hub to monitor and enhance posture Identify threats, risks, and misconfigurations — and implement effective mitigation strategies Validate infrastructure changes to ensure they meet security and compliance requirements Collaboration & Strategy Work closely with the Cyber Security Team to align on strategy, controls, and company-wide initiatives Communicate risk and security improvements in a clear, business-focused way Support containerised environments and cloud-native workloads where relevant Proven experience in cloud security operations with either Azure or AWS (ideally both) Hands-on experience with cloud security monitoring and posture management tools e.g., Azure Security Center, Azure Defender, AWS Security Hub Strong understanding of cloud governance, threat identification, and risk mitigation Experience integrating security controls into CI/CD pipelines Infrastructure as Code expertise (Terraform preferred) Logging/SIEM experience (e.g., Splunk, Sentinel, CloudWatch Logs) Automation skills using PowerShell, Azure CLI, AWS CLI, and/or Python Understanding of SAST, secure coding, and DevSecOps practices Collaborative mindset and eagerness to learn Nice to have GitHub & GitHub Actions Experience with both AWS and Azure Exposure to Docker, Kubernetes, or cloud container security Experience creating dashboards, log ingestion or data streams in Splunk LI-AF2 LI-Hybrid