Senior Cyber Security Engineer

About the Role

As a key member of the team, the Senior Cyber Security Engineer will influence architecture, automate security controls, strengthen detection and response, and drive a measurable improvement in the company's security posture. This is an exciting opportunity to make a real impact on the security of a cutting-edge platform and contribute to the company's continued growth and success.

ENSEK is at an inflection point, scaling rapidly towards new international horizons. The company is committed to innovation, automation, and collaboration, making it an ideal environment for a skilled cyber security professional looking to make a difference.

What You Will Do

• Embed security into the DNA of ENSEK's B2B SaaS platform
• Collaborate with Engineering, SRE, Risk, and Product teams to build security into every stage of the product lifecycle
• Influence architecture and design secure solutions for cloud, container, and service-based architectures
• Define and enforce secure configurations, network segmentation, identity, and access controls for public cloud (primarily AWS)
• Implement secure coding practices, vulnerability management, secrets management, and runtime protections for services and CI/CD pipelines
• Build and maintain monitoring, logging, and alerting for security events
• Lead incident response and post-incident reviews to drive remediation and lessons learned
• Support ENSEK's 24/7 Incident Management processes to ensure security and stability for clients
• Automate security checks, policy enforcement, and remediation using IaC, CI/CD integrations, and custom tooling
• Work with Risk, Legal, and InfoSec to embed controls that support regulatory, privacy, and contractual requirements

What We Are Looking For

• 5+ years of experience in cyber security within cloud-native environments, DevOps, or platform engineering contexts
• Strong cloud security knowledge with practical experience securing AWS services, IAM, networking, KMS/secrets, and managed services
• Experience with container and orchestration security, including Kubernetes and related tooling
• Hands-on experience with logging, metrics, and tracing for security use cases
• Proficiency with Terraform/CloudFormation and CI/CD integration to enforce policy and automate remediations
• Experience with security tooling, including Secure Web Gateways, IDP, IDS, EDR, SAST, DAST, WAF technologies
• Scripting and development skills, with the ability to write automation and tools in Python, Go, Bash, or similar languages
• Strong understanding of security principles, including threat modeling, secure coding, and security gates
• Experience with compliance and assurance, including regulatory, privacy, and contractual requirements

Nice to Have

• Experience with cloud security frameworks and standards, such as NIST, ISO 27001, or PCI-DSS
• Knowledge of emerging technologies, including AI, machine learning, and blockchain
• Experience with security orchestration, automation, and response (SOAR) tools
• Certification in cloud security, such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP)

Benefits and Perks

• Competitive salary and benefits package
• 25 days' holiday plus bank holidays, with the option to buy or sell extra days
• Opportunity to work with a cutting-edge platform and contribute to the company's growth and success
• Collaborative and innovative work environment
• Professional development opportunities, including training and certification
• Flexible working arrangements, including remote work options
• Access to the latest security tools and technologies
• Recognition and reward for outstanding performance and contributions

• Develop a strong understanding of cloud security principles and practices, including secure coding, threat modeling, and security gates.
• Familiarize yourself with AWS services, IAM, networking, KMS/secrets, and managed services, as well as container and orchestration security.
• Showcase your experience with security tooling, including Secure Web Gateways, IDP, IDS, EDR, SAST, DAST, WAF technologies, and highlight your proficiency with Terraform/CloudFormation and CI/CD integration.
• Prepare to discuss your approach to security architecture and design, including your experience with cloud, container, and service-based architectures.
• Be ready to provide examples of your experience with incident response and post-incident reviews, as well as your understanding of compliance and assurance requirements.
• Demonstrate your ability to communicate complex security concepts to non-technical stakeholders and collaborate with cross-functional teams.
• Highlight any relevant certifications, such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP), and be prepared to discuss your experience with security frameworks and standards.