Who are we?👋
Look at the latest headlines and you will see something Ki insures. Think space shuttles, world tours, wind farms, and even footballers’ legs.
Ki’s mission is simple. Digitally disrupt and revolutionise a 335-year-old market. Working with Google and UCL, Ki has created a platform that uses algorithms, machine learning and large language models to give insurance brokers quotes in seconds, rather than days.
Ki is proudly the biggest global algorithmic insurance carrier. It is the fastest growing syndicate in the Lloyd's of London market, and the first ever to make $100m in profit in 3 years.
Ki’s teams have varied backgrounds and work together in an agile, cross-functional way to build the very best experience for its customers. Ki has big ambitions but needs more excellent minds to challenge the status quo and help it reach new horizons.
Where do you come in?
As a senior and highly experienced Cloud Security Engineer, you'll be working closely with engineering teams across Cloud Services, Infrastructure and Product to help embed risk-conscious technical security controls in our services and products, development workflows and activities.
You'll be responsible for designing, implementing, and managing robust security measures across our cloud platforms. This role involves collaborating with cross-functional teams to develop security strategies, automate security processes, and proactively identify and mitigate potential threats. You will work on cloud native security tooling, automating our work, and leveraging infrastructure as code.
This role is expected to use AI to build automation and agentic AI workflows responsibly, to improve productivity, while ensuring safe use, data protection, and appropriate security controls.
What you will be doing: 🖋️
Cloud Security Architecture & Design
- Design and implement security architectures for cloud-based systems, including GCP, Azure, AWS or hybrid environments
- Design secure cloud architectures for AI/LLM workloads and AI-enabled services, including isolation patterns, secure networking, and hardened runtime configurations
- Ensure the reproducibility of security configurations and infrastructure through infrastructure-as-code (IaC), specification-driven development (SDD), and automated deployment pipelines
- Automate cloud security processes leveraging agentic AI harnesses.
- Design and implement robust security measures across our cloud platforms
- Be opinionated regarding Ki's current architecture, able to suggest improvements
Security Governance & Policy
- Develop and enforce security policies, standards, and guidelines for cloud services
- Ensure cloud environments meet regulatory and compliance requirements such as ISO 27001, SOC 2, SOX ITGC, NIST, GDPR, etc.
- Conduct and automate regular security assessments and audits
- Enable cloud security governance (Azure, GCP and AWS) with security monitoring, cloud security posture and vulnerability management
Incident Response & Monitoring
- Monitor cloud environments for security breaches and respond to incidents
- Conduct root cause analysis, create incident reports, and implement remediation strategies
- Triage & prioritise mitigation of vulnerabilities adhering to our remediation policies
Identity & Access Management
- Manage and implement IAM policies, roles, and permissions to enforce the principle of least privilege and zero trust
- Develop solutions for secure authentication and authorisation mechanisms
Data Security & Compliance
- Ensure data security and compliance through encryption, data masking, and secure storage practices
- Implement DLP (Data Loss Prevention) and data classification technologies
Security Automation & DevSecOps
- Develop automated security controls and processes, and work with Terraform and Kubernetes
- Define secure-by-default automation patterns for AI-enabled systems, including observability and policy-as-code controls
- Integrate security tools and technologies with CI/CD pipelines to enhance DevSecOps practices
- Automate your work by writing code and contributing to infrastructure and security tooling around our platforms in the cloud
Collaboration & Enablement
- Work closely with development, operations, and product teams to integrate security into the system development lifecycle
- Mentor junior security engineers and provide guidance on cloud security best practices
- Provide guidance and hands-on implementation advice in application security, aligning to industry best practices and frameworks
- Organise regular penetration tests and ad-hoc security assessments
- Develop and optimise technical controls for platform integrations
- Diligently document your work and share knowledge with the engineers
- Help facilitate and manage the Security Champions network across the engineering teams
- Organise regular security training sessions
A successful candidate will have:
- You have extensive experience working with one of the major public cloud providers (preferably GCP and Azure) and understand network infrastructure
- Strong understanding of identity management, network security, firewalls, VPNs, IDS/IPS, and WAFs
- Hands-on scripting or programming experience with Python, Golang, or similar languages, having delivered services or automation into production
- Hands-on experience with security tools such as SIEM, vulnerability scanners, EDR/XDR, and cloud security posture management (CSPM) tools
- You understand the Kubernetes ecosystem and security considerations around it
- You have experience with AI augmented development flows, and you can steer agents effectively for high quality outcomes that you can understand and explain
- You have worked collaboratively with agile development teams before
- The ability to troubleshoot and solve cloud related security issues independently
- Google Cloud Platform and Azure Experience
- Experience with CNAPP, and CSPM type tools like Wiz
- Experience with Kubernetes, Docker, and container security
- Experience with Infrastructure-as-Code using Terraform / OpenTofu, HCL
- Experience with CI tools such as GitHub Actions, Azure DevOps, pipeline builds, release packaging and artefact management
- Enterprise-wide agile methodologies and practices
Desirable Qualifications
- GCP professional cloud security engineer qualification desirable
- Experience or familiarity with securing LLM systems and AI agent harness and tool access patterns