Cloud Security Engineer

We’re looking for people to join the Access family, who share our passion for believing in better, and who will help us continue to grow.

Love Work. Love Life. Be You. - is central to our success and how we give our customers the freedom to do more of what's important to them.

What does Access offer you?

We offer a blended approach to office working, encouraging you to collaborate and connect in one of our thriving offices. We deliver on what we say, taking the development of our people seriously. We’ll work with you to progress your success plan and provide opportunities to accelerate your career.

On top of a competitive salary, our wellbeing days taking you to 25 days leave a year and a health contribution, you’ll also be able to choose from a range of benefits to suit you. We’re an organisation that likes to give back, so you’ll also have three charity days allocated to support a cause that matters to you.

Position Overview

We are seeking an experienced Cloud Security Engineer to lead our cloud infrastructure security initiatives as part of our Infrastructure Vulnerability Management program. This role focuses on securing our cloud infrastructure and ensuring robust security posture across multi-cloud environments, with specific emphasis on identifying, assessing, and managing security vulnerabilities and misconfigurations across Azure (primary), AWS, and Google Cloud Platform environments.

As a Cloud Security Engineer, you will serve as the primary technical expert for cloud security vulnerability management, working closely with DevOps, cloud architects, and development teams to secure our cloud-native infrastructure, reduce cloud-specific attack surfaces, and integrate security throughout the cloud development lifecycle.

Key Responsibilities:

• Design, implement, and maintain cloud security controls and baselines across Azure, AWS, and GCP.
• Manage CSPM tools, cloud vulnerability scanners (e.g., Prisma Cloud), and native cloud security services.
• Continuously monitor multi-cloud environments for misconfigurations, compliance gaps, and security risks.
• Conduct vulnerability scanning and security assessments for cloud workloads, containers, serverless services, and hybrid infrastructure.
• Analyze and validate cloud-specific vulnerabilities, prioritize remediation, and track risk based on business impact.
• Integrate cloud security into CI/CD pipelines, supporting DevSecOps, container security, and “shift-left” practices.
• Develop and maintain IaC security templates, automated policy enforcement, and cloud security automation/orchestration.
• Ensure compliance with frameworks such as CIS Benchmarks, NIST CSF 2.0, and cloud vendor security standards.
• Maintain cloud security policies, standards, procedures, and risk documentation.
• Coordinate remediation with engineering and DevOps teams, provide cloud security guidance, and track issue resolution.
• Participate in cloud security incident response, investigations, and maintain dashboards for remediation reporting.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Cloud Computing, Information Technology, or related field
• 3-5 years of hands-on experience in cloud security, cloud infrastructure, or related cybersecurity roles
• 1 year of experience with cloud vulnerability management and CSPM tools
• Strong experience with Azure
• Experience managing security across major cloud platforms in enterprise environments
• Proficiency with Cloud Security Posture Management (CSPM) platform: Prisma Cloud or similar solutions
• Strong experience with native cloud security services: AWS Security Hub/Config, Azure Security Center/Defender, GCP Security Command Center
• Proficiency with cloud vulnerability scanning and cloud workload protection platforms
• Infrastructure as Code expertise: Terraform, CloudFormation, ARM templates
• Container and orchestration experience: Docker, Kubernetes, or similar
• CI/CD integration: Jenkins, GitLab CI, Azure DevOps, GitHub Actions for security pipeline integration
• Understanding of network security in cloud environments and container technologies
• Experience with DevSecOps practices and security integration in cloud-native development
• Knowledge of cloud security frameworks: CIS Cloud Benchmarks, NIST Cloud Computing Framework, Cloud Controls Matrix

What are we all about?

The Access Group is one of the largest UK-headquartered business management software providers. It provides solutions that empower more than 160,000 small and mid-sized organisations in commercial and non-profit sectors across Europe, USA and APAC, giving every employee the freedom to do more of what's important. Its innovative cloud solutions and integrated AI software experience across multiple Access products transform how business technology is used.

With over 9,300 talented individuals driving innovation and customer excellence, we’re shaping the future of work. And we want you to be part of it. At Access, people are at the heart of everything we do. We’re committed to creating an inclusive, high-performing culture where everyone feels valued, respected, and empowered to thrive. If you’re excited about this role - even if your experience doesn’t tick every box - you might be exactly who we’re looking for.

We believe in equality for all and the transformative power of diversity. So why not join our vibrant team, where you can love what you do, love how you live, and most importantly, be authentically you?

Let’s make a difference together.

Love Work. Love Life. Be You.