Context & Purpose

As a driven Cyber Security Operations Engineer, you will support all aspects of securing a cloud 1^st digital business.

As a driven Cyber Security Operations Engineer, you will be a critical member of the Platform Engineering team. You will be embedded into agile delivery squads with colleagues from DevOps , Development, Product, I.T, Data and Support to ensure technology policies & implementation value secure lean principles over compliance-led controls. 

Your mission is to engineer and automate the security fabric of our software development lifecycle and cloud service hosting enabling our development teams to deliver secure, compliant, and resilient software.

This role is ideal for a junior to mid-level professional with a degree in cyber security. Valuing automation and declarative configuration, you will ensure our path to production is repeatable, auditable, and secure by design.

By finding ways to streamline our technology you’ll empowering people to take control of their own health, wellbeing and fitness data.

Key Responsibilities

• Design, implement, and manage cloud account security baselines, Role-Based Access Control (RBAC), and Identity & Access Management (IAM) using Infrastructure as Code (IaC) principles.
• Automate data protection controls, including data encryption at-rest and in-transit, and engineer automated processes for the rotation of sensitive assets like keys and certificates.
• Define and manage network security controls—including firewalls, security groups, and secure DNS configurations—as auditable, version-controlled configuration.
• Codify and enforce data retention policies through automated scripting and infrastructure configuration to ensure compliance with regulatory and business requirements.
• Integrate and automate security tooling (e.g., SAST, DAST, SCA, container scanning) within CI/CD pipelines to provide developers with fast, actionable feedback on security vulnerabilities.
• Develop and manage a centralised logging and monitoring solution for security events and implement automated alerting and response workflows for threat detection and escalation.
• Collaborate with Product, Development and Release Management to manage the end-to-end lifecycle of external penetration tests, including prioritising, scheduling, and tracking remediation efforts.
• Contribute to threat modelling exercises and work with development teams to implement secure coding practices and mitigate vulnerabilities early in the development lifecycle.
• Investigate security events in accordance with established procedures and recommend required actions including Incident Response.
• The assessment of organisational vulnerabilities using pro-active governance and monitoring tooling.
• Assist Group I.T Support with ISMS policies including defining, promoting and advocating secure policies, procedures and practices.

Skills, Knowledge, and Qualifications

• Undertake tasks with a positive attitude and respond well to management and customer requests. Must be prepared to meet business goals and respond well to change.
• Degree in Cyber Security and 2 years’ experience. CEH, CompTIA Security+ or similar considered with industry experience.
• Experience in compliance frameworks (e.g. ISMS/27001, CE+, SOC 2, GDPR)
• Knowledge of the networking stack (TCP/IP, DNS, HTTP/S) and cloud networking models (IaaS/PaaS networking, VPCs, VNETs, security groups).
• Hands-on experience with at least one major cloud provider (AWS, Azure, or GCP) and its core security services.
• Competent with cli tooling (AWS/Azure) and confident scripting (e.g., Python, Bash) and knowledge of Terraform/Bicep/CloudFormation/CDK beneficial.
• Familiarity with version control systems (Git) and CI/CD principles and pipelines.
• Experience architecting and implementing security controls in containerised and serverless environments is highly desirable.
• Experience with security observability tools (e.g., SIEM, SOAR) are preferred.
• Lean Principles
• Maintain current knowledge of cyber-attacks, threats and trends.

Benefits

Evergreen Life Standard benefits package