Description
Cloud Engineering supports the firm by delivering modern platform capabilities, observability services, and engineering enablement across distributed systems. The Platform Security team safeguards cloud platforms by implementing secure‑by‑default patterns, enforcing guardrails, and supporting threat detection, response, and continuous security improvement across digital services.
Responsibilities
People Leadership & Team Development
- Manage, mentor, and grow engineers across cloud security, DevSecOps, incident response, and automation skillsets.
- Support workforce planning, workload prioritisation, development discussions, and performance expectations.
- Foster a psychologically safe, high‑performing team culture with strong engineering standards and collaboration.
Security Strategy & Governance Ownership
- Own platform security strategy, defining long‑term direction for controls, automation, policies, and risk posture.
- Govern cloud security guardrails, compliance measures, and policy configurations across all environments.
- Drive lifecycle management of IAM, privileged access controls, and access review automation.
Architecture, Design & Delivery
- Lead architectural direction for platform security solutions including secrets management, network security, identity governance, encryption, and secure connectivity.
- Oversee assessments of IaC modules, ensuring secure‑by‑default patterns and consistent compliance.
- Guide secure engineering practices across the SDLC and platform delivery lifecycle.
DevSecOps & Platform Automation
- Govern CI/CD security framework including scanning, code signing, SBOM generation, attestation, and release policies.
- Promote automation‑first and policy‑as‑code principles across platform engineering teams.
- Ensure observability and security telemetry pipelines support threat detection and compliance reporting.
Threat Detection, Incident Response & Risk Management
- Lead incident response for high‑severity cloud security events and provide expert guidance during investigations.
- Oversee threat detection strategy, detection engineering improvements, and automated response playbooks.
- Report risk posture, gaps, and investment areas to senior leadership.
Stakeholder Engagement & Cross‑Team Influence
- Act as the senior point of contact for platform security across engineering, product, operations, and enterprise security teams.
- Communicate security risks, architectural decisions, and strategic priorities clearly to technical and non‑technical leaders.
- Represent Platform Security in governance committees and technical leadership forums.
R&D, Innovation & Continuous Improvement
- Lead POCs, explore emerging security technologies, and evaluate tools that improve platform maturity.
- Promote reusable engineering practices, patterns, and automation frameworks.
- Contribute actively to knowledge bases, documentation, and engineering enablement activities.
Shift Responsibilities & Operational Support
- Work in rotational shifts as required.
- Participate in on‑call rotations to respond to and resolve high‑severity incidents in a timely manner.
- Demonstrated experience mentoring engineers, guiding technical direction, and supporting team capability development.
- Ability to coordinate engineering workstreams, manage external providers, and maintain alignment across teams.
- Skilled at creating a positive, collaborative, and high‑performing team environment.
- Strong communication skills with the ability to engage both technical and non‑technical stakeholders.
- Proven experience delivering cloud‑based solutions in enterprise environments.
- Deep expertise in cloud security, IAM governance, network security, threat detection, and secure SDLC.
- Strong people‑leadership capabilities with experience guiding teams and influencing cross‑functional engineering groups.
- Skilled in DevSecOps, automation, IaC security, and policy‑as‑code.
- Strong communicator able to simplify complex security topics for diverse audiences.
- Strategic thinker with strong operational awareness and ability to balance risk with engineering delivery needs.
