2 of 2 Contract Cloud Security Jobs in the City of London

Cloud Security Engineer 6 Months £(Apply online only) per day (Inside IR35) Hybrid - 1-2 Days per month on-site in London Key Accountabilities Responsible for ensuring the security implementation of GDO projects across T&I and CTIO areas, delivering high quality services and creative solutions across all Cloud hosted solutions. Create Cloud Security Policies and engineer them - Preventive, Detective, Reactive and Forensic Controls. Test Cloud Security Policies. Engineer Security Controls for Cloud-based AI Solutions. Perform end-to-end Cloud Security Assurance for AI Workloads. Engineer Cloud Security Solutions for Container Technology and micro services. Engineer Cloud Security Solutions for Development, Security and Operations (DevSecOps). Engage across multiple functions on a global level to build and deploy DevSecOps for Cloud environments. Perform Threat Modelling for Cloud-based Workloads and Develop Counter Measures. Perform design reviews of new 3rd party Cloud and/or On Prem solutions, products, and services to identify potential risks and recommend appropriate mitigations. More ❯

Security Vulnerability Engineer Contract - Inside IR35 London - Hybrid (2 - 3 days a week in office) 6 months Are you a skilled software engineer with a passion for cybersecurity? This company is seeking a talented individual to join their team as a Security vulnerability engineer. This is an excellent opportunity to make a real impact and contribute to the … company's security initiatives. Key Responsibilities: Manage and enhance the company's Bug Bounty Programme (HackerOne), including working with researchers to identify and report vulnerabilities Oversee bounty payouts and conduct risk landscape analysis Track vulnerabilities and define mitigation strategies Collaborate closely with developers to identify, understand, test, and validate fixes for vulnerabilities Required Skills and Qualifications: Expertise in Bug … scripting experience (e.g. Python). Hands-on use of SAST, SCA, secrets scanning, and DAST tools, especially in CI/CD pipelines. Awareness of CI/CD and infrastructure security patterns (GitHub Actions, Terraform, Kubernetes, least-privilege IAM). Practical experience with Okta (OIDC/SAML, MFA, policies, workflows) and Doppler (secrets lifecycle, rotation, environments). Hands-on Cloud More ❯