Job Specifications
About the Company
EC Markets is committed to maintaining a robust technical security posture and cloud infrastructure, ensuring regulatory compliance while fostering a culture of innovation and security.
About the Role
The Senior Cloud & Information Security Engineer owns EC Markets’ technical security posture and cloud infrastructure. This role is responsible for designing, implementing, and operating secure systems while supporting regulatory compliance.
Responsibilities
Information Security Ownership
Own day-to-day information security controls and technical safeguards.
Implement and maintain security monitoring, logging, vulnerability management, and hardening.
Manage identity and access controls from a technical enforcement perspective (least privilege, MFA, segregation).
Cloud & Infrastructure Engineering
Design, build, and maintain cloud infrastructure (e.g. Azure/AWS), including network setup, with security-by-design principles.
Own infrastructure-as-code, configuration management, and automation.
Ensure secure networking, backups, encryption, and resilience of cloud services.
DevOps & Secure Engineering
Support CI/CD pipelines, release processes, and secure change management.
Embed security into development and deployment workflows.
Maintain version control, environment separation, and technical auditability.
Security Testing & Technical Assurance
Lead technical aspects of penetration testing, vulnerability scans, and remediation.
Support vendor selection and coordination for external security testing and specialist reviews.
Translate findings into concrete technical fixes.
Incident Response (Technical Lead)
Act as technical lead during security incidents.
Support forensic investigation, containment, and recovery.
Contribute to post-incident reviews and control improvements.
Regulatory Support (Technical)
Provide technical evidence and explanations to support audits and FCA reviews.
Work closely with the IT Manager and Compliance on demonstrating effective controls.
Qualifications
Degree in Computer Science, Data Engineering, or related field.
5-8 years of hands-on experience in cloud engineering and information security.
Required Skills
Excellent understanding of networking in on-premises and cloud.
Knowledge of security frameworks (ISO 27001, NIST) applied in practice.
Experience with DevOps tooling, automation, and secure system design.
Preferred Skills
Certifications such as CISSP, CISM, CCSP, or cloud security certifications are desirable.