Cloud Security Engineer

Kurt Geiger | About Us

For over fifty years our team of in-house shoe and accessory designers have been creating authentic, distinctive designs from our London headquarters. The rainbow is our signature. It represents the good energy and love we have for our community and the many ways we collectively express our individual style.

Cloud Security Engineer (InfoSec)

This position requires strong expertise in AWS, Microsoft cloud services (Intune, Azure, Entra), security auditing, and modern endpoint protection such as CrowdStrike.

• Monitor and respond to security incidents using EDR/XDR tools such as CrowdStrike, Microsoft Defender, and SIEM platforms.
• Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to identify risks and ensure compliance with internal policies and industry standards (ISO 27001, CIS, NIST).
• Manage and enforce Identity and Access Management (IAM) controls, including conditional access, MFA policies, role-based access control (RBAC), and least-privilege enforcement across Microsoft Entra and AWS IAM.
• Support incident response processes including investigation, containment, eradication, and recovery of security events.
• Conduct vulnerability scanning and remediation follow-ups using tools.
• Develop and maintain security baselines, configuration hardening, and patch compliance reporting across endpoints and cloud systems.
• Assist in third-party risk assessments and ensure vendors meet security requirements.
• Participate in change advisory boards (CAB) to review infrastructure and application changes from a security perspective.
• Support internal and external compliance audits by gathering evidence, ensuring policy alignment, and reporting findings.
• Collaborate with SOC, DevOps, and IT operations teams to integrate security automation and build secure-by-design practices.
• Support the IT helpdesk with complex application and system security issues.
• Patch and secure endpoints (Windows/macOS), and mobile devices via Microsoft Intune, Jamf, or Meraki.
• Implement and support endpoint and network-level security controls: FortiGate, Cisco Meraki, and Zero Trust Network Access (ZTNA) principles.
• Provide technical documentation, runbooks, and SOPs for security operations and system configurations.

Requirements

• Previous experience in a technical IT security, cloud engineering, or InfoSec-focused role.
• Proven experience with Microsoft 365 Security, Azure Entra ID, Intune, and AWS IAM/Security Services.
• Strong background in cloud security (AWS/Azure), including the shared responsibility model.
• Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST).
• Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms.
• Basic scripting for automation and reporting using PowerShell or Python.
• Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools.
• Understanding of patch management, application control, and vulnerability remediation.

• Certifications such as CISSP, CISM, Security+, AWS Security Specialty, AZ-500, or MS-500.
• Experience working in or with a Security Operations Centre (SOC).
• Familiarity with DevSecOps, infrastructure-as-code, or cloud-native security practices.

• Competitive basic salary
• Pension and life assurance
• Enviable discounts
• Gym Discounts
• Summer Hours - 3pm Friday finish
• Half Day, Pay Day Friday (once per month)
• RetailTrust support
• And so much more!

Our Culture

Wellbeing is important to our working culture, which is why we nurture a friendly environment for talent to thrive in, alongside a vibrant social community.

Our Stores

Beyond stand-alone stores and retail pop ups, our retail partners include some of the world’s most famous department stores.

We Are One: For Love | For Diversity | For Change | For Equality | For Kindness | For Freedom | For Unity Against Racism