Cloud Security Specialist
Job Summary
Wood Mackenzie is the global leader in analytics insights and proprietary data across the entire energy and natural resources landscape.
For over 50 years our work has guided the decisions of the worlds most influential energy producers utilities companies financial institutions and governments.
Now with the worlds energy system more complex and interconnected than ever before sector-specific views are no longer enough. Thats why weve redefined whats possible with Intelligence Connected.
By fusing our unparalleled proprietary data with the sharpest analytical minds all supercharged by Synoptic AI we deliver a clear interconnected view of the entire value chain. Our trusted team of 2700 experts across 30 countries breaks siloes and connects industries markets and regions across the globe.
This empowers our customers to identify risk sooner spot opportunities faster and recalibrate strategy with confidence whether planning days weeks months or decades ahead.
Wood Mackenzie
Intelligence Connected
Wood Mackenzie Values
- Inclusive we succeed together
- Trusting we choose to trust each other
- Customer committed we put customers at the heart of our decisions
- Future Focused we accelerate change
- Curious we turn knowledge into action
Position Overview:
We are looking for an experienced hands-on Cloud Security Specialist to join our cyber security team. This is a technical individual-contributor role focused on securing our cloud and application environments day to day; designing and implementing controls assessing our cloud posture and working alongside engineering and DevOps teams to build security in from the start.
Youll be someone who is comfortable working directly in cloud consoles and security tooling enjoys getting into the technical detail and can communicate clearly with both technical teams and other stakeholders. Youll be a technical point of reference for colleagues on cloud security matters.
Key Responsibilities:
Design implement and maintain security controls across our cloud environment in align with our cyber risk and control framework
Conduct cloud security assessments and architecture reviews and track findings through to remediation
Manage and tune cloud-native security tooling (CSPM CWPP cloud WAF)
Working knowledge and input to identity and access management (IAM) policies and controls
Coordinate cloud vulnerability remediation with the relevant teams
Investigate cloud security events and support incident response
Help ensure our cloud environment aligns with recognised frameworks and benchmarks (CIS CSA CCM NIST)
Contribute to security policies standards and technical documentation
Support compliance activities (e.g. SOC 2 ISO 27001 PCI-DSS GDPR) as they relate to the cloud environment
Keep current with emerging cloud threats vulnerabilities and tooling and share knowledge with the team
Supporting wider security team where possible
Essential Requirements:
4 years of cyber security experience with 2 years hands-on in cloud security
Deep practical experience securing your primary cloud platform (AWS and Azure)
Working knowledge of IAM network security concepts and encryption/data-protection fundamentals
Familiarity with at least one major security framework (NIST CSF MITRE ATT&CK CIS Benchmarks or Zero Trust)
Ability to explain security issues and trade-offs clearly to both technical and non-technical audiences
Desirable (nice to have not required)
Experience integrating security into CI/CD pipelines / DevSecOps practices
Exposure to SIEM platforms (e.g. Splunk Sentinel) and EDR solutions
Experience with SAST/DAST or vulnerability-scanning tools
Background in penetration testing or offensive security
Experience with threat intelligence or threat-hunting tooling
Experience in a regulated industry (financial services healthcare energy)
Technical Skills:
Strong hands-on expertise with cloud platform security services and native tooling
Understanding of network security firewalls IDS/IPS and VPN technologies
Comfortable working with IAM cloud configuration and infrastructure security settings directly
Certifications and Education (one or more is a plus not essential)
Bachelors degree in Computer Science Information Security or a related field -or equivalent practical experience
CCSP (Certified Cloud Security Professional)
AWS Certified Security Specialty
Microsoft Certified: Azure Security Engineer Associate
CISSP (Certified Information Systems Security Professional)
Soft Skills:
Strong analytical and problem-solving abilities
Clear written and verbal communication
Ability to explain complex security concepts to technical and non-technical audiences
Strong attention to detail and the ability to prioritise under pressure
Collaborative approach to working with cross-functional teams
#LI-DB1
Equal Opportunities
We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race colour religion age sex (including pregnancy sexual orientation and gender identity) national origin disability or protected veteran status. You can find out more about your rights under the law at
Required Experience:
IC
Key Skills
- CCTV
- Low Voltage
- Network Management
- IDS
- Computer Networking
- Field Service
- ICD Coding
- Military Experience
- Security
- Security System Experience
- Information Security
- Troubleshooting
About Company
Empower strategic decision-making in global natural resources with quality data, analysis and advice. Discover the latest insights and reports online.