Cloud Security Engineer

Government Sector

A number of legacy systems have recently been moved to the cloud as part of an ongoing strategic objective to modernise and secure applications for the future.

Role title Cloud Security Engineer
Duration of role  12 Months
Location 2 days a week in any of their UK offices based around the country.
Day rate £650
Any extra Clearance required (not including BPSS) Not required
Paragraph about team/project the person is joining LAA Technical debt supports 11 critical services identified in our sector of the governments top 40 list. These applications are critical in supporting the assessment and delivery to the public.


A number of legacy systems have recently been moved to the cloud as part of an ongoing strategic objective to modernise and secure applications for the future. The ownership of these critical services sits within an in-house digital provider. Security is working closely with these teams to assess and improve the security posture, with a key focus being to maximise the utilisation of cloud native tooling to aid security compliance with targeted industry benchmarks. This is a high priority project and time sensitive as we need to complete this work in line with the contract end date.


The team a small, multi-skilled team which supports multiple digital areas within this sector of the government. Engineering skills allow us to have a direct positive impact on the security posture of the services we support. The team do consult with multiple different areas of the business and some consultancy support may be required.

Skills & experience required bullet points Key responsibilities:

– Lead on the use of effective techniques to perform an assessment of AWS security tooling (IAM, AWS config, Inspector, security hub, and security groups) using an automation first approach.

– Use of Azure security tools, Defender for Cloud, log analytics & monitoring.

– Work with key stakeholders to propose and implement configuration items which contribute to framework compliance (NCSC Cyber Assessment Framework).

– Manage effective engagement with all relevant stakeholders to make sure that, where appropriate, their needs are incorporated.

– Work closely with platform teams to tactically remediate cloud vulnerabilities which have been identified in IT Health Checks.

– Document and evidence key findings and changes.

– Work with product managers and developers to reduce the attack surface.

– Monitor performance of implemented changes and ensure service continuity.

– Actively contribute to IT Health Check scope, proposal and support the activity while it is completed.

– Support the consultancy team in instances of increased pressure and priority, utilising the forum based working style to recommend solutions in a meaningful and efficient way.



We welcome those with alternative identities, backgrounds, and experiences. Our team includes parents, the self-taught, the university-educated, and people of a wide variety of nationalities, ages, and socio-economic backgrounds.

Obviously, we’re looking to ensure it’s a solid fit from both sides: we want you to step into a role you love, and we want to offer you a place you’re proud to come to every day for work.

We know that diverse teams are strong teams, and welcome those with alternative identities, backgrounds, and experiences to apply to be part of life at Zebra People. We are committed to a fair and accessible recruitment process for all candidates. We would be happy to meet any accommodation requests during the application or interview process, please just let us know.