Senior Cloud Infrastructure Security Engineer

About the role

You will ensure that Wyden’s AWS/Azure-based environments are secure, resilient, and auditable by default. You will play a central role in security operations (SecOps): threat detection, incident response, hardening, and continuous improvement of our production environments. You will work closely with: DevOps / Platform Engineering, Head of Production, Head of Data Governance Compliance and the Engineering teams. This role goes beyond preventative security — it is about operating secure systems under real-world conditions.

Responsibilities

Cloud Infrastructure, Reliability Operations (50–60%)

• Design, build, and operate AWS/Azure infrastructure (VPCs, networking, load balancers, firewalls)
• Deploy and operate Kubernetes clusters (EKS/AKS) with a focus on secure-by-default configurations
• Build and maintain monitoring, alerting, and observability (Prometheus, Grafana, ELK, CloudWatch)
• Act as a key responder in production incidents, including security-related events
• Lead root-cause analysis and drive corrective and preventative actions
• Automate infrastructure provisioning and changes using Terraform, Helm, GitOps
• Operate and secure PostgreSQL databases (backups, replication, access controls, failover)
• Optimise infrastructure for resilience, performance, and cost

Security Operations Platform Compliance (40–50%)

• Own and operate security controls across cloud, Kubernetes, network, and data layers
• Design, implement, and maintain identity and access management (IAM), including least‑privilege and zero‑trust models
• Secure Kubernetes environments through RBAC, network policies, secrets management, and cluster hardening
• Manage SIEM, logging pipelines, threat detection systems, and security analytics workflows
• Perform vulnerability management activities: scanning, prioritisation, remediation coordination, and risk reporting
• Support security incident response, including triage, investigation, containment, and post‑incident reviews
• Collaborate with Compliance to satisfy ISO27001, SOC2, and client security requirements
• Translate compliance and governance requirements into practical, enforceable technical controls
• Drive continuous security improvement through automation, hardening, and proactive risk identification

The ideal candidate would bring:

• 6–8+ years in Cloud Engineering, SRE, DevOps, or SecOps
• Strong hands‑on experience with AWS and/or Azure in regulated or security-sensitive environments
• Deep operational experience with Kubernetes (EKS/AKS) and container security
• Proven experience running production security operations, not just designing controls
• Strong Infrastructure-as-Code skills (Terraform, Helm, CloudFormation, ARM)
• Solid background in monitoring, logging, incident response, and on‑call operations
• Practical knowledge of cloud security and Kubernetes security patterns
• Experience operating SIEM, IDS/IPS, vulnerability scanning, and alerting tools
• Strong scripting and automation skills (Python, Bash, Go)
• Working knowledge of ISO27001 / SOC2 in real production environments
• Experience in compliance automation using GRC platforms such as Drata
• Security certifications (AWS Security Specialty, CISSP, CISM) are a plus, but hands‑on experience matters more

What Wyden offers

• An opportunity to play a key role in shaping the future of the digital assets industry.
• Competitive salary and benefits package.
• Flexible / remote working policies.
• Career development opportunities in a fast-growing startup.
• An open and dynamic work environment where everyone is valued.
• Become part of a global team of professionals with a diverse range of expertise covering banking, trading, software and systems development, and more.