Security and Infrastructure Engineer
other jobs Astrii Group
Added before 3 Days
- England,London,City of London
- Part Time, Contract
- Salary negotiable
Job Description:
The Mission
We provide Information Security and Compliance services and help our clients build secure and audit-ready systems. We’re looking for a person that is primarily a Security Engineer, but who is comfortable working on improving CloudInfrastructure and Pipelines. We want to bridge the gap between high-level compliance (SOC 2, ISO 27001, GDPR) and technical execution.
You will be working on our clients’ infrastructure and pipelines, and ensuring they are ready for compliance audits. You will also be responsible for tasks corresponding to security controls that need ongoing support.
The Commitment & Scalability
*Expected Commitment: Initially roughly 5-10 days per month.
*The Expertise Accelerator: If you already have experience with ISO 27001, SOC 2, and GDPR implementations, we might be able to offer more days from the start.
*The Long Game: This role is designed to evolve into a permanent position as our client base grows. It is fully compatible with other engagements until we scale toward full-time.
*Flexibility: Your schedule is your own as the role is remote-first with flexible hours. However, due to the nature of the role, remote client meetings on weekdays should be expected.
Your Core Responsibilities
You will be the primary technical contact for our clients’ security and infrastructure needs:
*Cloud Security Engineering: Directly modifying and hardening client Cloud Environments with a strong emphasis on AWS (IAM, VPCs, Encryption, Logging).
*Security as Code: Writing and maintaining CI/CD pipelines and Infrastructure as Code (Terraform/CloudFormation) to ensure security is baked into the deployment process.
*Compliance Implementation: Translating SOC 2, ISO 27001, and GDPR requirements into technical reality for diverse client environments.
*Control Validation: Performing technical validation of security controls to ensure clients stay audit-ready.
*Operational Security: Managing client-facing tasks like log reviews, patch management, and vulnerability remediation.
What We’re Looking For
*The Cloud Builder: You are deeply comfortable making direct changes to Cloud (AWS) infrastructure and understand how to do so safely in production environments.
*Pipeline Proficiency: You know how to write and optimise CI/CD pipelines (GitHub Actions, AWS CodePipeline, etc.).
*Compliance Savvy: You understand the "Why" behind ISO 27001, SOC 2, and GDPR, and more importantly, the "How" of implementing them technically.
*Client-Facing Pro: You can explain technical security risks to both developers and stakeholders with clarity and in a professional manner.
*Ownership Mentality: We are a small, ambitious company. We need someone who takes initiative and wants to grow into a foundational leadership role.
Why Join Us?
You’ll get to work across various stacks and help different companies solve security problems. You’ll also have a direct hand in shaping our service offerings and technical roadmap. If you want a role where you aren’t just a "checker" but a "builder," we want to talk.
We provide Information Security and Compliance services and help our clients build secure and audit-ready systems. We’re looking for a person that is primarily a Security Engineer, but who is comfortable working on improving CloudInfrastructure and Pipelines. We want to bridge the gap between high-level compliance (SOC 2, ISO 27001, GDPR) and technical execution.
You will be working on our clients’ infrastructure and pipelines, and ensuring they are ready for compliance audits. You will also be responsible for tasks corresponding to security controls that need ongoing support.
The Commitment & Scalability
*Expected Commitment: Initially roughly 5-10 days per month.
*The Expertise Accelerator: If you already have experience with ISO 27001, SOC 2, and GDPR implementations, we might be able to offer more days from the start.
*The Long Game: This role is designed to evolve into a permanent position as our client base grows. It is fully compatible with other engagements until we scale toward full-time.
*Flexibility: Your schedule is your own as the role is remote-first with flexible hours. However, due to the nature of the role, remote client meetings on weekdays should be expected.
Your Core Responsibilities
You will be the primary technical contact for our clients’ security and infrastructure needs:
*Cloud Security Engineering: Directly modifying and hardening client Cloud Environments with a strong emphasis on AWS (IAM, VPCs, Encryption, Logging).
*Security as Code: Writing and maintaining CI/CD pipelines and Infrastructure as Code (Terraform/CloudFormation) to ensure security is baked into the deployment process.
*Compliance Implementation: Translating SOC 2, ISO 27001, and GDPR requirements into technical reality for diverse client environments.
*Control Validation: Performing technical validation of security controls to ensure clients stay audit-ready.
*Operational Security: Managing client-facing tasks like log reviews, patch management, and vulnerability remediation.
What We’re Looking For
*The Cloud Builder: You are deeply comfortable making direct changes to Cloud (AWS) infrastructure and understand how to do so safely in production environments.
*Pipeline Proficiency: You know how to write and optimise CI/CD pipelines (GitHub Actions, AWS CodePipeline, etc.).
*Compliance Savvy: You understand the "Why" behind ISO 27001, SOC 2, and GDPR, and more importantly, the "How" of implementing them technically.
*Client-Facing Pro: You can explain technical security risks to both developers and stakeholders with clarity and in a professional manner.
*Ownership Mentality: We are a small, ambitious company. We need someone who takes initiative and wants to grow into a foundational leadership role.
Why Join Us?
You’ll get to work across various stacks and help different companies solve security problems. You’ll also have a direct hand in shaping our service offerings and technical roadmap. If you want a role where you aren’t just a "checker" but a "builder," we want to talk.
Job number 3460555
Increase your exposure to recruiters with ProJobs
Thousands of recruiters are looking for you in the Job Master profile database, increase your exposure 4 times with a ProJob subscription
You can cancel your subscription at any time.
metapel
Company Details:
Astrii Group
Company size: 1–4 employees
Industry: IT & Telecoms
We function as the dedicated compliance and security department for our clients, taking full ownership of their security posture so they can focus on ...