Position Description:
At CGI, we secure the cloud environments that power critical national and commercial services, helping organisations operate with confidence in an evolving threat landscape. As a Cloud Security Practitioner, you will architect and implement secure-by-design cloud solutions across AWS, Azure and GCP, embedding identity, encryption and observability at the core. We combine deep technical expertise with a culture of accountability and collaboration, enabling you to shape security standards, influence platform design and deliver measurable risk reduction. Here, your insight drives resilient architectures, your innovation strengthens defences, and your growth is supported as you help us protect high-value digital ecosystems.
CGI was recognised in the Sunday Times Best Places to Work List and has been named a UK ‘Best Employer’ by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go.
Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This is a hybrid position.
Your future duties and responsibilities:
In this role, you will design and implement secure cloud environments across AWS, Azure and GCP, ensuring robust identity, network security and encryption controls are embedded from the outset. You will take ownership of security architecture decisions, applying Infrastructure-as-Code (Terraform, CloudFormation, ARM, Bicep, CDM) to deliver scalable, compliant and automated solutions.
Working closely with platform and DevOps teams, you will integrate CNAPP, CSPM and DSPM tooling such as Wiz, Tenable, CrowdStrike, Macie and Purview to strengthen posture management and data protection. You will champion security observability, leveraging logging, monitoring, SIEM and threat detection capabilities to proactively manage cyber risk while mentoring others and advancing best practice.
Key responsibilities:
> Architect & Secure multi-cloud environments (AWS/Azure/GCP)
> Implement & Automate Infrastructure-as-Code security controls
> Embed & Enhance identity, encryption and network security
> Deploy & Optimise CNAPP, CSPM and DSPM solutions
> Develop & Secure cloud-native applications (AWS Lambda, Python, DynamoDB)
> Strengthen & Advance security observability and SIEM integration
> Align & Assure compliance with ISO, NIST -53 and OWASP
> Mentor & Guide teams on secure DevOps and platform practices
#LI-JS2
Skills:
1. Compliance
2. Security Architecture
3. Security Assessment
4. Security Audit