Cyber Security Engineer

Coin Shares is an innovative, agile and ambitious organisation. We strive for excellence in everything we do. We are a high performance culture with a focus on:

• Professional and personal integrity
• Curiosity and a deep learning mindset
• Transparency
• Teamwork and collaboration

Coin Shares is strongly committed to diversity and inclusion and warmly welcomes candidates from all backgrounds.

The Cyber Security team exists to protect Coin Shares’ digital assets, systems, people and data while enabling the business to operate securely  team safeguards the firm against cyber threats in a highly regulated, cloud‑first environment, ensuring that security is embedded into day‑to‑day operations and technology decisions rather than treated as a standalone control function.

Working closely with all teams, the Cyber Security team designs and maintains a robust security framework that evolves alongside the business. Their work is central to maintaining operational resilience, regulatory confidence and trust in Coin Shares as a leading digital asset manager.

We are seeking an experienced and hands‑on Cyber Security Engineer with a strong focus on cloud security, particularly AWS, to join our growing security function.

Working closely with the Cyber Security Analyst, IT, and Dev Ops teams, you will be responsible for designing, implementing, and maintaining security controls across Coin Shares’ cloud‑first environment. This role is responsible for engineering and architectural oversight, working in partnership with the Analyst’s monitoring and response activities.

You will play a key role in strengthening Coin Shares’ security posture in a highly regulated financial environment, ensuring scalable, resilient, and secure cloud infrastructure.

• Design, implement, and maintain security controls across AWS environments.
• Configure, manage, and optimise AWS Guard Duty, including alert tuning, findings triage workflows, and integrations with SIEM and incident response processes.
• Lead cloud security monitoring, detection engineering, and preventative control design.
• Work closely with the Cyber Security Analyst on incident response, providing technical expertise during investigations.
• Implement and manage cloud‑native security services (e.g., AWS Security Hub, IAM, Cloud Trail, VPC security controls).
• Partner with Dev Ops and engineering teams to embed security into CI/CD pipelines and infrastructure‑as‑code.
• Conduct cloud security architecture reviews and threat modelling for new systems and services.
• Support vulnerability management and remediation efforts across cloud and hybrid environments.
• Contribute to compliance initiatives (e.g., ISO 27001, SOC
  2) through control design, evidence generation, and audit support.
• Develop and maintain security standards, patterns, and technical documentation.
• Continuously evaluate emerging cloud security threats and recommend improvements.

• 5+ years’ experience in a cyber security engineering, cloud security, or infrastructure security role.
• Strong hands‑on experience securing AWS environments in production.
• Bachelor’s degree in Cyber Security, Computer Science, Information Technology, or equivalent practical experience.
• Relevant certifications are desirable (e.g., AWS Security Specialty, CISSP, CCSP, GSEC).
• Experience in the financial services sector or other regulated environments would be advantageous.

• Demonstrated understanding of cloud security concepts, particularly within AWS.
• Hands‑on experience configuring and operating AWS Guard Duty.
• Strong knowledge of AWS IAM, networking (VPCs, security groups, NACLs), logging, and monitoring.
• Experience with cloud security posture management and vulnerability management tools (e.g., Wiz, Qualys, Rapid7).
• Familiarity with infrastructure‑as‑code and automation (e.g., Terraform, Cloud Formation).
• Solid understanding of security frameworks and regulatory requirements (NIST, CIS, ISO 27001, GDPR).
• Ability to design security controls that scale in fast‑moving, cloud‑native environments.
• Strong problem‑solving skills with a pragmatic, risk‑based mindset.
• Excellent written and verbal communication skills, with the ability to explain complex technical issues to non‑security stakeholders.