Detection & Incident Response Engineer enhancing security operations for Relax Gaming. Building monitoring capabilities and investigating security threats across the organization.
About the role
- Mid-level Cloud Security Engineer at Kainos managing security controls for Azure, AWS, and SaaS environments. Collaborating with teams to define and implement cloud security best practices while influencing secure practices among engineers.
Responsibilities
- Define and implement the cloud security Framework in collaboration with IT Systems, SOC leadership, and GRC.
- Recommending security best practices and implementing controls for Cloud Security and governance.
- Implementation of automated security tooling to validate security requirements and identify potential issues.
- Define threat detection and incident response processes and playbooks for cloud environments.
- Collaborate with the SOC to operationalise detection rules and incident handling.
- Support GRC in meeting evidence and compliance requirements for ISO27001, NCSC Cloud Security Principles, and SOC2.
- Reviewing the outputs from security tools and security practices.
- Influence and guide junior engineers and developers to adopt secure practices.
- Provide input into IAM strategy and policy (RBAC, Conditional Access, MFA, least privilege) working closely with the IT and Systems teams.
- Support automation of cloud security (IaC scanning, CI/CD integration).
Requirements
- Previous experience in cloud security engineering or related roles
- Working knowledge of industry cloud security frameworks and best practice (CSA STAR, NCSC Cloud Security Principles)
- Experience with automation and scripting (Python, PowerShell, Bash)
- Proficiency with: Azure security services : Defender for Cloud, Entra ID, Sentinel etc.
- AWS security services : Security Hub, GuardDuty, IAM, Config, CloudTrail, CloudWatch.
- Working knowledge of cloud incident response processes and procedures
- Strong understanding of security best practices in multi-cloud environments.
- Familiarity with Infrastructure as Code (Terraform)
- Knowledge of cloud network security concepts (firewalls, NSGs, VPCs, private endpoints)
- Exposure to compliance frameworks (ISO27001, SOC2, NCSC Cloud Security Principles)
- Security certifications such as AZ-500, SC-100, AWS Security Specialty, CISSP, or CCSK.
Benefits
- People-first culture
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Project & Service Manager managing cybersecurity projects for enterprise clients at Var Group. Overseeing teams and ensuring project delivery within time and budget.
Cyber Security Manager responsible for security architecture and risk management for a global specialty chemicals company. Overseeing security frameworks, incident handling, and compliance to ensure robust security operations.
Information Security Engineer supporting Mercari’s US business from Tokyo, bridging teams in Japan and US.
Information Security Engineer enhancing cloud security strategies for F&M Central's software, services, and cloud. Leading initiatives in identity management, compliance, and secure development practices.
Physical Security Engineer programming and configuring access control and surveillance systems. Collaborating with technical teams while managing security project requirements and client relations.
Senior Information Security Engineer providing cybersecurity incident response services for clients. Leading and performing cyber forensic analysis and presenting security solutions to customers.
Senior Product Manager leading the strategy and development of ESET's Identity Security portfolio. Driving innovation across identity protection areas helping organizations secure identities and access.
Health & Safety Coordinator ensuring safety standards in construction projects for multinational tech client. Fostering strong preventive culture in compliance with Spanish legislation.
Cybersecurity Intern participating in business transformation projects for major industries. Engaging in Cybersecurity Risk Assessment and developing innovative solutions in the IT sector.