Cloud Security Engineer- 12 Month Contract- Inside IR35- Hybrid in Manchester

Cloud Security Engineer- 12 Month Contract- Inside IR35- Hybrid in Manchester

We are looking for a Cloud Security Engineer to join on a contract basis, operating across both security architecture and hands-on implementation in a hybrid capacity. The role sits across GCP and Azure environments, embedding security controls throughout the engineering life cycle - from threat modelling new products and services through to building automated guardrails using Policy as Code and IaC.

Contract Length: Initial 12 month contract
Rate: £475 per day Inside IR35
Location: Hybrid 2x a week in Manchester

Key Responsibilities

• Assess new GCP and Azure products and services from a security perspective, performing threat modelling and defining appropriate security controls before adoption
• Design and implement security architecture across cloud environments, working closely with engineering teams to embed security by design across different application implementations
• Build and maintain guardrails and security policies using Policy as Code, Terraform, and CI/CD pipelines to enforce consistent security standards at scale
• Deliver hands-on implementation of security controls across cloud-native services, supporting secure configuration and compliance across GCP and Azure estates
• Collaborate with engineering teams on DevSecOps practices, integrating security into development workflows and infrastructure automation pipelines

Top 5 Skills

• Hands-on experience across both GCP and Azure security tooling, with the ability to assess and secure cloud-native products and services
• Strong security architecture and threat modelling skills, with experience working across multiple application and service implementations
• Proficiency in Terraform and Infrastructure as Code, with experience implementing Policy as Code and security guardrails within CI/CD pipelines
• DevSecOps experience - embedding security controls into engineering workflows, automating security checks, and supporting secure pipeline design
• Hybrid capability across architecture and implementation - comfortable producing design artefacts and also delivering hands-on technical security work