Cyber Security Engineer; AWS Focus | Leading European Investment

[Up to c. £110k Comp Package | Hybrid Working - 4 Days in Office]

We’re supporting a fast-growing, crypto-native investment firm that operates in a highly regulated, cloud-first environment and is entering a critical phase of scale - including a US up-listing and increased regulatory scrutiny. Security is already embedded in the culture and SDLC; what’s missing is deep, hands-on AWS security engineering ownership. This role is designed for a strong individual contributor who wants real technical authority.

You’ll act as the firm’s primary cyber security engineer, owning AWS security design, tooling, and control maturity end-to-end. Working alongside a senior security lead and an analyst, you’ll be the technical anchor for cloud security decisions - shaping tooling choices, tuning detection, and leading meaningful security projects rather than operating within a narrow remit. It’s a role for someone who prefers building and improving over maintaining the status quo, and who is comfortable operating with autonomy in a lean, high-trust team...

• Take end-to-end ownership of AWS security engineering, covering preventative controls, detection, and monitoring in a production cloud environment
• Significantly mature AWS-native security capabilities, with particular focus on:
  Guard Duty configuration, tuning, and noise reduction & improving signal quality, cost efficiency, and alert relevance
• Own and evolve the security tooling stack, including:
  Assessing effectiveness of existing EDR/XDR /SIEM tooling, recommending improvements or replacements, and leading migrations or re-platforming projects where justified
• Act as the technical point of reference for cloud security design decisions across engineering and Dev Ops teams
• Support incident response by providing deep technical expertise during investigations, while partnering with the analyst on monitoring and triage
• Embed security into CI/CD pipelines, infrastructure-as-code, and cloud-native workflows
• Lead cloud security architecture reviews and threat modelling for new systems and services
• Play a hands-on role in regulatory and assurance programmes, including: SOX-related security controls for US listing readiness and SOC 2 technical control design, operation, and evidence generation
• Develop and maintain pragmatic security standards, patterns, and documentation that scale with the business
• Mentor the security analyst on cloud security concepts, tooling, and investigations

• Strong, hands-on AWS security experience in a live production environment - this is non-negotiable
• Background in security engineering, cloud security, or infrastructure security, typically ~3-6+ years, though depth matters more than tenure
• Proven experience working with AWS security services (especially Guard Duty), logging, IAM, and cloud-native control patterns
• Confidence operating and evaluating modern security tooling (EDR, XDR, SIEM, CSPM), including the ability to challenge vendor choices and drive change
• Experience working in regulated environments (financial services ideal, but insurance, legal, or similarly regulated sectors are highly relevant)
• Practical understanding of audit, compliance, and control frameworks, even if not SOX or SOC 2 specifically
• A delivery mindset - you can point to projects you’ve owned, systems you’ve improved, or tooling you’ve meaningfully shaped
• Comfort working autonomously in a small team, with the judgement to prioritise what genuinely reduces risk
• Clear communication skills and the confidence to influence technical and non-technical stakeholders
• (Preferred) Scripting or automation experience (e.g. Python), though cloud security depth takes priority
• (Preferred) Experience with infrastructure-as-code (Terraform, Cloud Formation)
• (Preferred) Exposure to crypto, digital assets, or highly cloud-native microservices environments