Senior Cloud Security Analyst

Reporting to the Senior IT Security Manager, the Cloud Security Analyst is a hands‑on cloud and container security specialist. This role is responsible for securing large‑scale, multi‑cloud, and Kubernetes‑based environments. You will define and enforce security standards, hardening baselines, and detection capabilities, partnering with DevOps, networking, and SOC teams to embed security into design and automation.

This is 12 month initial contract term with a view to extension. Long‑term / rolling contract.

• 
  
• Optimize cloud‑native security controls including Identity and Access Management (IAM), network security (WAFs, VPC controls), and data protection (KMS/Vault).
  
• Deploy and manage CSPM, CNAPP, and CWPP solutions for continuous posture management across multi‑cloud and Kubernetes environments.
  
• Integrate cloud telemetry (GCP Audit Logs, CloudTrail, Azure Monitor, K8s audit logs) with SIEM/SOAR platforms for enhanced visibility.
  
• Define and enforce cloud security reference architectures and guardrails based on Zero Trust and Least Privilege principles.
  
• Build and maintain "Security as Code" using Terraform, CloudFormation, or Bicep, and policy‑as‑code.
  
• Own the security posture of containerized workloads (GKE, AKS, EKS); define security baselines for images, registries, and runtimes.
  
• Harden clusters through secure configuration of RBAC, NetworkPolicies, and Admission Controllers.
  
• Investigate and respond to cloud security incidents, providing triage, containment, and forensic support.
  
• Stay up to date with current vulnerabilities, attacks, and countermeasures relevant to cloud‑native ecosystems.
  

• 
  
• Experience: 5+ years of progressive experience in Information Security, with at least 3+ years focused on Cloud security and 2+ years on Kubernetes/Container security.
  
• Cloud Expertise: Hands‑on experience with at least two major public clouds (GCP and Azure preferred; AWS and OCI a plus).
  
• Container Security: Strong expertise in Kubernetes security controls (RBAC, Secrets, Ingress, TLS) and container runtime internals.
  
• Technical Skills: Proficiency in scripting (Python preferred; Bash or Go a plus) and working knowledge of Infrastructure as Code (IaC).
  
• Compliance & Frameworks: Knowledge of information security standards (e.g., ISO 27001, SOC 2, NIST) and CIS Benchmarks for Cloud and Kubernetes.
  
• Professional Certifications: CISSP, CKS (Certified Kubernetes Security Specialist), or cloud‑specific certifications (GCP Professional Cloud Security Engineer, Azure Security Engineer) are highly desirable.
  
• Soft Skills: Proven ability to influence engineering teams without direct authority and experience working in multi‑national corporate environments. xcfaprz
  

** Live Role - Apply for immediate consideration **

If you are interested in this role please apply of contact in strictest confidence.