Blue Light Card. Individually great, together unstoppable
The Role and the Team
We have an exciting opportunity for a Cloud Security Engineer to join our Technology team and play a key role in how we secure and evolve our cloud estate. You'll reporting directly to the Director of Technology & Security.
This is a hands-on role where youll take the technical lead on securing our cloud and edge estate. Youll work closely with our platform and engineering squads, helping us continuously improve how we protect the infrastructure that sits behind our product. If you love solving complex security challenges and want your work to matter, this is a great time to join.
What Youll Do
Own our Cloud Security Posture Management tooling day to day, tuning policies, driving remediation, and keeping our security position visible across the business
Keep our AWS estate secure across IAM, network controls, encryption, logging, and workload protection, partnering with platform engineering on guardrails, Service Control Policies, and secure landing zones
Manage our Cloudflare edge as a security control, tuning WAF rules, overseeing rate limiting and bot management, and responding quickly as threats evolve
Develop and maintain our technical security standards across cloud, WAF, IAM, and logging, keeping us aligned with best practice and our regulatory obligations
Support compliance across UK GDPR, PCI DSS, ISO 27001, NIST CSF, and Cyber Essentials Plus, contributing to risk assessments and implementing technical mitigations
What Youll Bring
Hands-on experience with AWS, Cloudflare, Tenable, and SIEM, with the depth to use these tools confidently day to day
Proven experience working to frameworks including NIST CSF, ISO 27001, and Cyber Essentials Plus, with a practical understanding of what good compliance really looks like
Experience leading or contributing to incident response, particularly for cloud and edge incidents such as credential stuffing, IAM compromise, and exposed assets
Strong working knowledge of Cloudflare Enterprise, including WAF rule authoring, Bot Management, and log pipelines into SIEM
Our Culture
Our mission is simple make heroes happy. Our members are the real-life heroes who keep us all safe, cared for, and thriving. Its what gets us up in the morning and pushes us to go further, think bigger, and create something that truly matters. By focusing on their happiness, we create amazing experiences, deliver unrivalled discounts, innovative products, and world-class service.We dont just follow the usual path - we look for smarter, bolder ways to deliver real impact. We take ownership, move fast, and work shoulder to shoulder to build something special.
We promote hybrid working, and value in-person collaboration so encourage time in our offices, where you can make the most of our fully stocked snack drawers either the HQ in Leicestershire, or London, Holborn office. The frequency and office location will vary depending on the role and team. We aim to be flexible, but we arent able to offer fully remote working.
Blue Light Card is an equal opportunities employer. We believe that employing a diverse workforce is key to our success. We make recruiting decisions based on your experience and skills.In the event ofahigh number of applications,wellprioritise candidates who meet both the essential and desirable criteria for the role.
What We Offer
Great social events e.g., festive party, summer party, team socials, sports matches
Relaxed dress code and modern office space (games area, chill-out areas, bookclub, free drinks/snacks)
#LI-Hybrid
Remote Status: hybrid
Location 1 24-28 Bloomsbury WayLondonLondonWC1A 2SNUnited Kingdom
Location 2 *(if applicable) 