Job description

  • Job Type: Full Time

Cloud Security Engineer (11795)

Job Title: Cloud Security Engineer


Salary: £Competitive + Company Benefits


The Role

Holland and Barrett is building a Cyber Security capability to ensure a coordinated response to increasing cyber security threats, to enable risk-based decisions to be made consistently across the organisation, and to establish sustainable security capabilities that are integrated with the business. This role sits in the Cyber Security team, improving our overall security posture by baking security into the pipeline at the earliest point. For us, it is not just about having the right security background: you need to be pragmatic, have a passion for Cyber Security, be able to work collaboratively with internal and external teams, and be driven to learn and succeed.

In this role, you will design, build and implement appropriate automation and controls, and enable runtime application self-protection and security monitoring. This is a hands-on engineering position. We believe in infrastructure as code (nothing in our platform will be created or deployed unless via a code change) and we are driven to achieve a full end-to-end continuous deployment pipeline. You will provide strong technical support, enabling technical decisions to be made with confidence and at pace.

The Company

Holland & Barrett is one of the nation's most loved and trusted brands, known for offering quality health food, vitamins and supplements all sold by highly trained and qualified advisors.

Bucking the current trend of high street retailers, we forecast significant growth and expansion plans in the coming years, with considerable investment going into all areas of the business. We certainly embrace change and drive speed in everything we do. Every day presents a different challenge, but every day is also filled with fun, teamwork and passion to succeed and surpass every expectation.

Join us and see how far you can go…

Job Type: Permanent


Location: REMOTE


Hours: 37.5hrs


The Person

Working in partnership with our Cloud Platforms and Development teams, you will:

  • Work daily with engineering teams to improve the delivery process; you must be a mobile-first and eCommerce security SME and ensure that test / development is security focused right from the beginning
  • Be accountable for implementing the security processes and tools in our Cloud platform and within DevOps
  • Participate in the automation of software to our cloud platform and embed security into our methodology, embracing DevSecOps
  • Improve our general security posture across legacy and green field resources including applications and networks
  • Be responsible for enhancing security of our data assets in the Cloud as you will be working with data scientists and SMEs
  • Improve our monitoring and alerting systems to enhance them with specific and relevant security data points
  • Provide a point of expertise on application, data and network security to our wider engineering teams, engaging with them to ensure consistent adoption of security policies and best practice
  • Participate in troubleshooting issues that arise
  • Define and implement a Security Incident Response process/policy with regular improvements, testing and adherence

In addition, you will:

  • Contribute to the creation and ongoing maintenance of security engineering principles (secure by design and privacy by design), patterns and standards to reflect best practice and effective use within the company
  • Build a network including external relationships with other engineers/SMEs to understand best practice and emerging trends within engineering

Required Skills

  • Solid understanding of Secure by Design and Privacy by Design principles
  • Three years or more experience in cloud infrastructure security roles (predominantly AWS) working within teams that practice DevSecOps
  • Ability to interact comfortably with AWS via CLI and/or API
  • Specific expertise in threat assessment, attack surface management, data security, the network stack at Layer 4 and Layer 7, DNS, VPC security, IGW, WAF, API Gateways and CloudFront
  • Good knowledge of most of VPN, MFA, SAML, OAuth2, KMS and TLS
  • Good knowledge of some IdP frameworks and integrations
  • Experience building and running Docker images/containers securely, including container orchestration security
  • Experience of code security audit, static and dynamic analysis, defensive programming techniques and visualisation and measurement of security KPIs
  • Expertise in at least one scripting or programming language
  • AWS Certified Security Specialist
  • Experience defining and operating a Security Incident Response process
  • Good knowledge of monitoring and alerting
  • Knowledge of Windows security (particularly Azure Active Directory) 
  • Understanding of “cloud native” and 12-Factor applications 
  • Some exposure to offensive or defensive penetration testing is desirable
  • Experience of working in retail and/or finance industry where data security is vital.


Head Office - Samuel Ryder House
7 Barling Way, Nuneaton, Warwickshire, United Kingdom, CV10 7RH