Cloud Security Engineer (InfoSec)
We are seeking a Cloud Security Engineer (InfoSec) to join our Technology and Information security team. You'll play a key role in designing, implementing, and supporting secure infrastructure, cloud services, and applications across the organisation. This position requires strong expertise in AWS, Microsoft cloud services (Intune, Azure, Entra), security auditing, and modern endpoint protection such as CrowdStrike.
Responsibilities
* Monitor and respond to security incidents using EDR/XDR tools such as CrowdStrike, Microsoft Defender, and SIEM platforms
* Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to identify risks and ensure compliance with internal policies and industry standards (ISO 27001, CIS, NIST)
* Manage and enforce Identity and Access Management (IAM) controls, including conditional access, MFA policies, role-based access control (RBAC), and least-privilege enforcement across Microsoft Entra and AWS IAM
* Support incident response processes including investigation, containment, eradication, and recovery of security events
* Conduct vulnerability scanning and remediation follow-ups using tools
* Develop and maintain security baselines, configuration hardening, and patch compliance reporting across endpoints and cloud systems
* Assist in third-party risk assessments and ensure vendors meet security requirements
* Participate in change advisory boards (CAB) to review infrastructure and application changes from a security perspective
* Support internal and external compliance audits by gathering evidence, ensuring policy alignment, and reporting findings
* Collaborate with SOC, DevOps, and IT operations teams to integrate security automation and build secure-by-design practices
* Support the IT helpdesk with complex application and system security issues
* Patch and secure endpoints (Windows/macOS), and mobile devices via Microsoft Intune, Jamf, or Meraki
* Implement and support endpoint and network-level security controls: FortiGate, Cisco Meraki, and Zero Trust Network Access (ZTNA) principles
* Provide technical documentation, runbooks, and SOPs for security operations and system configurations
Requirements
Skills Required
* Previous experience in a technical IT security, cloud engineering, or InfoSec-focused role
* Proven experience with Microsoft 365 Security, Azure Entra ID, Intune, and AWS IAM/Security Services
* Strong background in cloud security (AWS/Azure), including the shared responsibility model
* Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST)
* Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms
* Basic scripting for automation and reporting using PowerShell or Python
* Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools
* Understanding of patch management, application control, and vulnerability remediation
Desirable Qualifications
* Certifications such as CISSP, CISM, Security+, AWS Security Specialty, AZ-500, or MS-500
* Experience working in or with a Security Operations Centre (SOC)
* Familiarity with DevSecOps, infrastructure-as-code, or cloud-native security practices
Benefits
* Competitive basic salary
* Pension and life assurance
* Enviable discounts
* Gym Discounts
* Summer Hours - 3pm Friday finish
* Half Day, Pay Day Friday (once per month)
* RetailTrust support
* And so much more!
Our Culture
We"re an energic fast-paced brand that embraces progress and strives for innovation. Hard work is rewarded with new opportunities at every level and kindness is celebrated in everything we do. Our summer working hours accommodate a healthy work life balance. Wellbeing is important to our working culture, which is why we nurture a friendly environment for talent to thrive in, alongside a vibrant social community.
#J-18808-Ljbffr