Senior Cloud Security Engineer (London or Bristol)
HealthHero is Europe's largest digital clinic. As a Senior Cloud Security Engineer on an initial 12‑month fixed‑term contract, you will help shape security for our fast‑growing, AI‑driven digital healthcare platform. As the role is based in either our London or Bristol office, you will work onsite two days per week.
About the role
This role is a key member of the growing Platform Security team, covering application security, cloud security, security operations, culture and risk management. You will work closely with Infrastructure, Data Governance and Engineering leads, focusing on infrastructure and cloud networking to secure our AWS and Azure estates and drive cloud security with an international scope.
Responsibilities
DevSecOps & SDLC
* Champion integration of security testing into CI/CD pipelines across all development teams, using automated security gates such as SAST, DAST, dependency scanning and secrets detection.
* Enable self‑serve security tooling for development teams.
* Set up secure development environments.
Cloud Security
* Own cloud security posture management using a CSPM solution (e.g., Wiz) and define enforceable cloud security baselines, guardrails, and policies in AWS.
* Implement and maintain IaC security scanning for Terraform.
* Manage IAM policies, network segmentation and secrets management.
* Configure and tune SIEM or similar for cloud‑focused detection.
* Establish logging, monitoring and alerting requirements based on threat modelling.
* Investigate and respond to cloud security events.
Risk & Compliance
* Identify, articulate and escalates security risks to senior leadership with mitigation plans.
* Track and remediate vulnerabilities across the infrastructure.
* Manage customer due‑diligence initiatives when required.
* Support and develop an annual penetration testing programme and associated remediations.
Stakeholder Engagement
* Partner with internal teams to support security‑related governance and accreditation requirements across different countries.
* Provide expertise on emerging threats and vulnerabilities.
* Support response to customer due‑diligence requests with timely and accurate information regarding vulnerability exposure.
Qualifications
Essential
* Proven experience in application security, DevSecOps or cloud security.
* Strong understanding of cloud networking.
* Experience securing cloud environments (AWS, Azure).
* Ability to read and write IaC (Terraform) code and understand IaC lifecycles.
* Familiarity with container security and Kubernetes.
* Understanding of secure coding, penetration testing techniques, SIEM and vulnerability management.
* Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis.
* Experience managing secure development lifecycles and vulnerability management.
* Practical experience of ISO 27001:2022 controls and audit processes.
Desirable
* AWS Security Specialty or equivalent certification.
* Experience in regulated environments (healthcare, financial services).
* Familiarity with NHS DSPT.
* Technical knowledge of GDPR and data protection requirements.
* Hands‑on experience with CI/CD security tooling and pipeline integration.
* Interest in learning other countries’ health and security regulations (France, UK, IR, DE).
Benefits
* A full induction training programme via Microsoft Teams.
* Opportunity to work with an experienced, diverse and supportive team.
* 25 days annual leave.
* Bank holidays and birthday off as leave.
* Regular one‑to‑one meetings with your line manager.
* 24/7 on‑call staff support.
* Auto‑enrolment pension scheme.
* Health scheme and access to an Employee Assistance Programme.
* Life insurance scheme.
Equal Opportunity Statement
HealthHero is a certified Disability Confident Employer and we are committed to offering equal opportunities to all candidates, irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex or sexual orientation. If you require any reasonable adjustments during the application process, please contact us.
#J-18808-Ljbffr