We’re looking for people to join the Access family, who share our passion for believing in better, and who will help us continue to grow.   Love Work. Love Life. Be You. - is central to our success and how we give our customers the freedom to do more of what's important to them.     What does Access offer you?  We offer a flexible, hybrid working environment where you can balance work and life while maintaining a strong office team-based culture. We deliver on what we say, taking the development of our people seriously. We’ll work with you to progress your success plan and provide opportunities to accelerate your career.  On top of a competitive salary, our wellbeing days taking you to 25 days leave a year and a health contribution, you’ll also be able to choose from a range of benefits to suit you. We’re an organisation that likes to give back, so you’ll also have three charity days allocated to support a cause that matters to you.   Position Overview: We are seeking an experienced Cloud Security Engineer to lead our cloud infrastructure security initiatives as part of our Infrastructure Vulnerability Management program. This role focuses on securing our cloud infrastructure and ensuring robust security posture across multi-cloud environments, with specific emphasis on identifying, assessing, and managing security vulnerabilities and misconfigurations across Azure (primary), AWS, and Google Cloud Platform environments. As a Cloud Security Engineer, you will serve as the primary technical expert for cloud security vulnerability management, working closely with DevOps, cloud architects, and development teams to secure our cloud-native infrastructure, reduce cloud-specific attack surfaces, and integrate security throughout the cloud development lifecycle. Key Responsibilities: Cloud Security Architecture & Posture Management •Design and implement security controls for cloud infrastructure across Azure, AWS, and GCP environments •Implement, configure, and manage Cloud Security Posture Management (CSPM) tools across all cloud platforms •Deploy and maintain cloud vulnerability scanning solutions including Prisma Cloud, and native cloud security services •Continuously monitor cloud infrastructure for security misconfigurations, and compliance violations •Develop and maintain cloud security baselines and configuration standards •Assess cloud-native services, serverless functions, and container environments for security vulnerabilities Infrastructure Vulnerability Management •Manage comprehensive vulnerability scanning and remediation for cloud infrastructure, ensuring asset coverage and timely patching •Conduct comprehensive security assessments across multi-cloud environments and hybrid infrastructure •Perform vulnerability scanning of cloud workloads, virtual machines, containers, and cloud-native applications •Analyze cloud security findings and validate vulnerabilities specific to cloud environments •Monitor and assess Infrastructure as Code (IaC) templates for security misconfigurations before deployment •Track and prioritize cloud infrastructure vulnerabilities based on risk and business impact DevSecOps Integration & Security Automation •Integrate cloud security tools into CI/CD pipelines and support container security initiatives •Implement security scanning integration into CI/CD pipelines and DevOps workflows •Develop and maintain Infrastructure as Code (IaC) security templates and automated security policy enforcement •Develop automation scripts for cloud security monitoring, alerting, and remediation workflows •Collaborate with DevOps teams to implement "shift-left" security practices in cloud deployments •Create and maintain cloud security automation using tools like Terraform, CloudFormation, ARM templates •Implement cloud security orchestration and automated response capabilities Cloud Risk Assessment & Compliance Monitoring •Ensure compliance with cloud security frameworks including CIS Benchmarks, AWS Well-Architected Framework, Azure Security Benchmark, and GCP Security Command Center recommendations •Conduct cloud security assessments for regulatory compliance in cloud environments •Create and maintain risk documentation for cloud security exceptions and accepted risks •Create and maintain cloud security policies, standards, and procedures aligned with NIST CSF 2.0 Cloud Remediation Coordination & Incident Response •Partner with cloud engineering, DevOps, and development teams to coordinate cloud security remediation •Provide technical guidance on cloud security best practices and remediation approaches •Track cloud security remediation progress and ensure issues are addressed within established SLAs •Participate in cloud security incident response and forensic investigations •Support incident response for cloud security events and breaches •Maintain cloud security remediation tracking and reporting dashboards Required Qualifications: Education & Experience •Bachelor's degree in Cybersecurity, Cloud Computing, Information Technology, or related field •2-3 years of hands-on experience in cloud security, cloud infrastructure, or related cybersecurity roles •1 year of experience with cloud vulnerability management and CSPM tools •Strong experience with Azure •Experience managing security across major cloud platforms in enterprise environments Cloud Security Expertise •Proficiency with Cloud Security Posture Management (CSPM) platform: Prisma Cloud or similar solutions •Strong experience with native cloud security services: AWS Security Hub/Config, Azure Security Center/Defender, GCP Security Command Center •Proficiency with cloud vulnerability scanning and cloud workload protection platforms •Working knowledge of container security tools and Kubernetes security scanning •Understanding of cloud compliance frameworks and automated compliance monitoring Technical Skills •Advanced knowledge of major cloud platforms: AWS, Microsoft Azure, Google Cloud Platform •Infrastructure as Code expertise: Terraform, CloudFormation, ARM templates •Container and orchestration experience: Docker, Kubernetes, or similar •Scripting and automation: Python, PowerShell, Bash, YAML for cloud security automation •CI/CD integration: Jenkins, GitLab CI, Azure DevOps, GitHub Actions for security pipeline integration •Cloud networking: VPCs, security groups, network ACLs, cloud firewalls, and micro-segmentation •Understanding of network security in cloud environments and container technologies DevSecOps & Development •Experience with DevSecOps practices and security integration in cloud-native development •Knowledge of secure coding practices for cloud applications and microservices •Understanding of API security and cloud service authentication mechanisms •Familiarity with cloud-native application architectures and serverless security considerations Compliance & Standards •Knowledge of cloud security frameworks: CIS Cloud Benchmarks, NIST Cloud Computing Framework, Cloud Controls Matrix •Understanding of shared responsibility models across different cloud providers •Familiarity with cloud compliance programs: SOC 2, ISO 27001, PCI-DSS, FedRAMP •Familiarity with data protection regulations in cloud environments: GDPR, CCPA, HIPAA Key Performance Indicator: •Achieve 99%+ asset coverage and scanning coverage across all cloud environments •Successfully integrate security scanning into >90% of cloud deployment pipelines •Minimize critical cloud vulnerability exposure time to <24 hours •Track cloud security remediation progress and ensure SLA compliance •Respond to cloud security incidents within 30 minutes of detection •Automate 80%+ of routine security configuration and compliance checks •Reduce cloud security incidents through proactive vulnerability management •Successfully integrate security controls into development workflows •Achieve high adoption rates of cloud security tools and practices across teams What are we all about?  The Access Group is one of the largest UK-headquartered providers of business management software to small and mid-sized organisations in the UK, Ireland, USA and Asia Pacific. It helps more than 100,000 customers across commercial and non-profit sectors become more productive and efficient. Our products and solutions go beyond providing technology, we connect the right people with the right data, at the right time, through Access Workspace.   At Access, we are committed to creating a welcoming and inclusive environment where everyone can thrive. If you're excited about this role, (even if your previous experience doesn't align perfectly), you might just be the perfect fit for us! We wholeheartedly believe in equality for all and the transformative power of diversity. Why not join our vibrant team where you can love what you do, love how you live, and most importantly, be authentically you? Let's make a difference together. Love Work. Love Life. Be You.