Job Title:
Cloud Security Engineer
Location:
Remote (25% Weekly on-site - West Midlands and South East England)
Clearance:
Active SC required; DV eligibility needed post-probation.
Company Overview:
Atreides helps organizations transform large and complex multi-modal datasets into information-rich geo-spatial data subscriptions that can be used across a wide spectrum of use cases. Currently, Atreides focuses on providing high-fidelity data solutions to enable customers to derive insights quickly.
We are a fast-moving, high-performance startup. We value a diverse team and believe inclusion drives better performance. We trust our team with autonomy, believing it leads to better results and job satisfaction. With a mission-driven mindset and entrepreneurial spirit, we are building something new and helping unlock the power of massive-scale data to make the world safer, stronger, and more prosperous.
Team Overview:
We are a passionate team of technologists, data scientists, and analysts with backgrounds in operational intelligence, law enforcement, large multinationals, and cybersecurity operations. We obsess about designing products that will change the way global companies, governments and nonprofits protect themselves from external threats and global adversaries.
Position Overview:
Atreides is seeking a motivated and proactive Cloud Security Engineer with a strong focus on Microsoft Azure security to join our growing team. This role is ideal for a security engineer or SecOps professional who understands the critical importance of maintaining a highly secure environment and is eager to work across cloud, endpoint, and infrastructure domains.
While the primary focus will be Azure security engineering, experience with hardware and traditional infrastructure security will be considered a strong plus.
Team Principles:
- Remain curious and passionate in all aspects of our work
- Promote clear, direct, and transparent communication
- Embrace the 'measure twice, cut once' philosophy
- Value and encourage diverse ideas and technologies
- Lead with empathy in all interactions
Responsibilities: Security Engineering & Automation:
- Design, build, and maintain security automation and tooling to enforce controls and simplify compliance.
- Build and manage identity & access management controls across cloud platforms and applications.
- Write and review Infrastructure-as-Code (Bicep/Terraform) for secure cloud configuration.
- Implement preventative and detective controls in Azure; automate remediation of alerts.
- Secure CI/CD pipelines, integrating results from SAST/DAST/SCA tools and ensuring supply chain integrity.
- Engineer solutions for Kubernetes security, focusing on RBAC, network policies, and runtime protection.
Detection, Monitoring & Incident Response:
- Perform triage, containment, eradication, and recovery activities as part of incident response, ensuring threats are effectively mitigated.
- Develop and optimise security detections (Sentinel, KQL, YARA).
- Manage log sources, ingestion pipelines, and monitoring infrastructure.
- Conduct threat hunting and analysis to identify emerging risks.
- Lead and contribute to incident investigations, including post-mortem analysis and remediation actions.
Vulnerability & Risk Management:
- Identify, track, and remediate vulnerabilities across cloud, endpoint, and infrastructure.
- Implement controls from security assessments, audits, and architecture reviews.
- Support third-party risk assessments and vendor due diligence.
Governance, Documentation & Projects:
- Maintain documentation of security standards, runbooks, and procedures.
- Participate in security-related projects and lead implementation of new security solutions.
Required Qualifications:
- 3+ years in security engineering or security operations, ideally in cloud-first environments.
- Strong understanding of cloud security architecture with hands on experience securing cloud infrastructure and services.
- Hands on experience with the Azure security stack, including Microsoft Defender for Cloud (recommendations, alerts, Secure Score), Azure Policy, and related security tooling.
- Proficiency with SIEM platforms (Azure Sentinel preferred), developing detections and alerts, tuning rules, and investigating incidents.
- Proven incident response capability including triage, investigation, containment, eradication, and recovery.
- Practical experience integrating security into software and system development lifecycles.
- Experience with endpoint security solutions and MDM/EMM tools.
- Experience securing containerised environments (Kubernetes) and CI/CD pipelines.
- Proficiency in scripting and automation (PowerShell, Python, KQL, Bicep).
- Strong understanding of network security - protocols, firewalls, IDS/IPS, WAFs, and infrastructure hardening.
- Familiarity with incident response frameworks (NIST, SANS).
- Experience configuring and using cloud-native security logging, monitoring, and detection services.
- In-depth knowledge of security principles, attack vectors (OWASP Top 10, MITRE ATT&CK), and the threat landscape.
Desired Qualifications:
- Azure Security Engineer AZ-500
- Security Operations Analyst SC-200
- Identity and Access administrator SC-300
- GIAC Certified Forensic Analyst
- GIAC Certified Incident Handler
Compensation and Benefits:
- Competitive salary
- Comprehensive health, dental, and vision insurance plans
- Flexible hybrid work environment
- Additional benefits like flexible hours, work travel opportunities, competitive vacation time and parental leave
While meeting all of these criteria would be ideal, we understand that some candidates may meet most, but not all. If you're passionate, curious and ready to "work smart and get things done," we'd love to hear from you.
Security Clearance:
This role requires a current and active SC clearance at the time of hire. After successful probation, candidates must be willing and eligible to undergo DV, in line with contract requirements. DV is not required at application stage, though DV-cleared candidates are welcome to apply.