Cloud & Data Security Senior Engineer

 

Description:

 

We are seeking a highly skilled Cloud & Data Security Senior Engineer.

 

Requirements:

Lead the design, implementation, and continuous improvement of network and endpoint security controls, ensuring alignment with industry standards and regulatory requirements (e.g., GDPR).

Oversee the deployment, configuration, and lifecycle management of network devices (firewalls, routers, switches, load balancers, DNS, VPN, proxies, WAF, endpoint protection) across on-premises, cloud, and hybrid environments.

Manage and optimise Citrix Netscaler and Infoblox DNS platforms, ensuring high availability, scalability, and secure application delivery.

Develop and maintain robust security postures for both network and endpoint infrastructure, including proactive threat detection, vulnerability management, and incident response.

Coordinate and execute regular firmware and software upgrades, patch management, and device lifecycle transitions, especially for EOL/EOS equipment.

Lead DDoS protection strategies (e.g., Akamai), ensuring real-time detection and mitigation of large-scale attacks.

Ensure secure remote access through VPN gateways (Ivanti, Cisco AnyConnect), enforcing strong authentication and compliance with access policies.

Oversee web security and internet proxy solutions (e.g., Zscaler), implementing web filtering, DLP, and threat protection for all users.

Manage endpoint security platforms (Crowdstrike, Trend Micro), including policy configuration, threat hunting, and rapid incident response.

Implement and enforce multi-factor authentication (CISCO DUO) across critical applications and infrastructure.

Ensure secure file transfer processes (MoveIT), monitoring and auditing for compliance with data protection regulations.

Drive network automation and cloud-managed networking initiatives, supporting SDN adoption and integration with DevOps pipelines.

Lead operational readiness for new projects (e.g., office moves, infrastructure handovers, cloud migrations), ensuring minimal disruption and robust risk management.

Maintain comprehensive technical documentation, including network diagrams, configuration baselines, and operational procedures.

Collaborate with external vendors, project architects, and third-party partners to deliver infrastructure projects and resolve escalated incidents.

Conduct regular security assessments, penetration tests, and compliance audits, addressing findings with corrective action plans.

Provide technical leadership and mentoring to L2 Support Analysts and other team members, fostering a culture of continuous improvement and knowledge sharing.

Participate in governance, reporting, and service review meetings, presenting performance metrics, incident trends, and improvement initiatives.

Ensure alignment with SLA, reporting, change control, and compliance with mandatory policies.

Support business continuity and disaster recovery planning, ensuring network and endpoint resilience in line with BCDR requirements.

 

Skills Required:

• Deep understanding of multi-cloud security architecture (Azure, AWS, IBM Cloud, OCI) and global security frameworks (CIS, NIST).

• Expertise in cloud security tools: Azure Advisor, Azure Firewall, AWS GuardDuty, Security Hub, AWS Network Firewall.

• Advanced skills in Cloud Security Posture Management (CSPM), including automation and misconfiguration detection.

• Strong knowledge of PKI and certificate management (MS PKI/AD CS, DigiCert), encryption, and key lifecycle.

• Proficiency in threat detection, incident response, and integration of WAF/DDoS/proxy/firewall layers.

• Experience with identity and access management (SSO, MFA, RBAC) in cloud environments.

• Familiarity with compliance, audit processes, and evidence-based reporting.

• Scripting and automation skills (CLI, Terraform, PowerShell) for cloud operations and security.

• Ability to design and manage cloud telemetry and logging (CloudTrail, CloudWatch, Log Analytics).

• Mentoring and technical leadership skills for guiding L2 analysts in security operations.