Senior Cyber Security Cloud Engineer at Environmental Resources Management (ERM)

Reporting into the Cyber Security Operations Director, the Senior Cyber Security Cloud Engineer plays a key role in delivering and supporting a wide range of cloud security initiatives. The role requires a practical, delivery focused individual who is comfortable working across teams and contributing to the implementation of ERM’s Cyber Security strategy and roadmap.

Working within a global team, the role will support the design and assurance of secure cloud deployments across new and existing environments. This includes validating that cloud services and applications are designed, developed and implemented in line with established security standards. In addition, the role will contribute to the operational management and continual improvement of ERM’s cloud security posture.

The role will support the development and maintenance of security frameworks and ISMS artefacts, including policies, standards and procedures, ensuring they remain aligned to evolving technologies and risks. The role will contribute to governance and compliance activities by providing technical input, supporting risk and exception management, and assisting with cloud security assessments against recognized frameworks.

The successful candidate will also work closely with engineering and delivery teams to embed security practices into day to day activities, support the adoption of new technologies, and help ensure that security controls are applied consistently across the delivery life cycle.

About You:

• You will have solid hands on experience working with cloud platforms such as Microsoft Azure, and ideally AWS, along with associated security tooling.
• You may have come from a cloud infrastructure background or have worked closely with development teams to improve application security and delivery practices.
• You are comfortable taking technical requirements and translating them into practical, scalable implementations using native controls, automation, and security tooling.
• You are confident working across engineering teams, cloud environments, and operational services, with a strong focus on delivery and continuous improvement.
• You are comfortable working within established frameworks and standards, and able to apply them pragmatically in real world environments rather than purely from a governance perspective.
• You will have experience working with security and compliance frameworks such as Azure Security Benchmark, NIST CSF, ISO27001, CIS or similar, and understand how these map into technical controls within cloud environments.
• You are a proactive and reliable team member, able to manage multiple workstreams, contribute to shared objectives, and support wider team initiatives while maintaining a high standard of delivery.

Responsibilities

• Support the delivery of ERM’s Cyber Strategy and roadmap, contributing to initiatives such as embedding security into delivery lifecycles, developing threat modelling approaches, and defining cloud security controls
• Provide subject matter expertise to technology and business teams on cloud security and secure engineering practices
• Deliver and maintain security tooling and controls across Azure environments
• Contribute to technical documentation, standards, and guidance materials
• Support the implementation of application and cloud security models such as OWASP SAMM, DSOMM, and DevSecOps practices
• Assist in the development and improvement of cloud security patterns and designs
• Identify gaps against security standards, supporting system owners with remediation guidance
• Support cloud security assessments and compliance activities
• Contribute to incident investigations and remediation activities
• Promote secure by design principles across engineering and delivery teams
• Translate business and technical requirements into practical security implementations
• Maintain awareness of evolving threats and emerging security capabilities

Key Competencies

Skills and Capabilities Description:

• We are looking for someone who can demonstrate the below:
• Good practical experience with Azure security capabilities such as Defender for Cloud, Microsoft Defender suite, Azure AD, and related services
• An interest in LLM / AI technologies and the challenges of securing them
• Working experience with AWS security services and core cloud security concepts across multiple cloud providers
• Experience using GitHub, including GitHub Advanced Security capabilities such as code scanning, secret scanning, and dependency management
• Working understanding of application security concepts and secure development practices
• Hands on scripting experience using tools such as PowerShell, KQL, or equivalent
• Experience supporting or implementing security testing approaches such as SAST and DAST
• Familiarity with modern software development lifecycles and how security integrates into them
• Practical understanding of Zero Trust principles and how they are applied in cloud environments
• Desirable Experience
• Exposure to automation and compliance driven approaches using pipelines or infrastructure as code
• Experience working with Git based development workflows and CI CD tooling
• Familiarity with Azure DevOps, GitHub, SonarQube or similar platforms
• Experience with infrastructure as code tools such as Terraform and security validation tools
• Experience working in or alongside teams adopting DevSecOps practices

Soft Skills:

• Excellent communication skills written and verbal
• Determination and motivation to succeed
• Enthusiastic, with a positive ‘can-do’ attitude
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Gains the respect of colleagues and is a team player who is more interested in results than personal preferences
• Highly self-directed, with keen attention to detail
• Has strong communication, project and time management skills
• Experience working both independently and in a team-oriented, collaborative environment
• Flexible and adaptable in regards to learning and understanding new technologies
• Proven analytical and problem-solving abilities
• Strong customer service orientation

Qualifications and Prior Experience

Essential:

• Degree in a relevant technical discipline or equivalent practical experience
• 7+ years of hands on experience in cyber security, cloud engineering, or a closely related role
• Practical experience working with cloud security controls in Azure, and ideally some exposure to AWS environments
• Experience supporting the implementation of security controls across cloud platforms and development lifecycles
• Working knowledge of security and compliance frameworks such as NIST CSF, ISO27001, CIS or Azure Security
• Benchmark, with an understanding of how these translate into technical controls
• Experience working with modern engineering or delivery teams, with exposure to secure development practices and lifecycle integration
• Industry certification such as Microsoft Azure Security Engineer Associate, or equivalent experience
• Preferred:
• Experience working across both Azure and AWS environments in a security or engineering capacity
• Familiarity with GitHub, including GitHub Advanced Security or similar application security tooling
• Exposure to implementing or supporting application security frameworks such as OWASP SAMM or DSOMM
• Experience supporting DevSecOps practices within delivery or engineering teams
• Progress towards, or interest in, broader security certifications such as CISSP or Azure Certified Security Architect.

Availability & Commitment:

• Willing to participate in a Security Incident Response on-call rota, covering 1 week every 4–5 weeks, ensuring rapid response and containment of security threats. There is additional on call payments on top of salary for being on-call.