Cloud Security Engineer ( AWS WAF - Terraform)

We are looking for a Cloud Security Engineer to build and own our cloud security function from the ground up. This is not a role where you will wait for instructions. You will be expected to assess our environment, identify gaps, and define the roadmap for how we mature our cloud security posture.

Reporting directly to the Head of Security Operations, you will have the autonomy to shape this function, bring your own ideas, and execute on them. You will work alongside engineers in the Detection & Response and Penetration Testing teams, and together you will drive meaningful security improvements across DAZN. This is a role with real scope to grow.

If you want to build something, not just maintain it, this is the opportunity. Key Responsibilities Define and build a cloud security function that fits DAZN's environment and risk profile Establish cloud security posture management using Wiz, including triage workflows, remediation tracking, and reporting Own cloud vulnerability management across AWS (primary), Azure, GCP, and OCI Assess findings, determine real-world risk, and drive remediation with engineering teams — cutting through noise and false positives Trace misconfigurations to their source in Infrastructure as Code (Terraform, CloudFormation) and CI/CD pipelines, working directly with the teams who deploy Support and improve WAF operations, collaborating with the existing WAF engineers Develop cloud security standards, runbooks, and guidance that engineering teams can actually use Identify opportunities to automate and improve cloud security processes Act as the subject matter expert for cloud security within Security Operations Skills, Knowledge & Expertise Strong hands-on experience with AWS security services and architecture (IAM, Security Groups, VPCs, FW manager etc.) Experience with Cloud Security Posture Management (CSPM) tools; Wiz experience is highly preferred Solid understanding of Infrastructure as Code security (Terraform, CloudFormation) and CI/CD pipeline security Experience with container security, particularly in AWS EKS/Kubernetes environments Ability to assess cloud security findings, determine severity and exploitability, and communicate risk clearly to technical and non-technical stakeholders Experience working in a multi-cloud environment Strong communication skills and confidence working directly with engineering teams