Endava is seeking a skilled and hands-on Senior Cloud Security Engineer. This role is responsible for defining, governing, and continuously improving secure cloud architectures and controls across IaaS, PaaS, and SaaS environments for enterprise clients.
The Cloud Security Engineer will design and embed secure-by-design patterns, guardrails, and posture management capabilities that protect critical systems and data while enabling scalable, cloud-first delivery. The role requires close collaboration with Cloud Operations, DevOps, and Product Engineering teams to ensure that security controls are automated, measurable, and aligned to modern engineering practices.
As a subject matter expert, you will play a key role in strengthening clients’ cloud security maturity, supporting incident response activities, and integrating security into DevSecOps pipelines and platform engineering models.
Responsibilities:
- Define and maintain cloud security policies, standards, reference architectures, and baseline control frameworks across AWS, Azure, and/or GCP environments.
- Design secure cloud landing zones, including IAM models, network segmentation, encryption standards, key management, and secrets management.
- Implement and govern Cloud Security Posture Management (CSPM) capabilities, including risk-based remediation workflows and exception handling.
- Partner with Cloud Operations and Platform Engineering teams to embed policy-as-code, automated guardrails, and infrastructure-as-code security controls.
- Standardize logging and monitoring requirements to ensure effective threat detection, investigation, and response across cloud platforms.
- Conduct security architecture reviews for new cloud services and major platform changes.
- Support cloud-related incident response activities, including root cause analysis and containment strategies.
- Contribute to secure development enablement by providing reusable security blueprints, patterns, and anti-pattern guidance.
- Collaborate with Cyber Defence/SOC teams to ensure cloud telemetry is integrated into SIEM and detection engineering workflows.
- Support third-party SaaS risk assessments and multi-cloud security risk evaluations where required.