Techfellow Limited

www.techfellow.co.uk

3 Jobs

11 Employees

About the Company


At Techfellow, we connect top tech talent with leading financial firms worldwide. With a deep understanding of your business and tech needs, we match exceptional engineers, developers, and cybersecurity experts to the right opportunities.

Fit is our priority. We're selective, focusing on quality over quantity to find the best candidates for our valued partners!

Listed Jobs

Company Name
Techfellow Limited
Job Title
Cyber Security Engineer (AWS Focus) | Leading European Investment Company
Job Description
**Job Title:** Cyber Security Engineer (AWS Focus)

**Role Summary:** Independent technical lead responsible for designing, implementing, and continuously improving AWS security controls, tooling, and processes in a regulated, cloud‑first investment environment. Works closely with engineering, DevOps, and security teams to embed security into CI/CD, IaC, and cloud workflows, while driving incident response, regulatory readiness, and threat modelling.

**Expectations:**
- Own end‑to‑end AWS security posture, from prevention to detection and monitoring.
- Deliver measurable improvements in GuardDuty tuning, cost efficiency, and alert quality.
- Evaluate, recommend, and migrate security tooling (EDR, XDR, SIEM, CSPM).
- Serve as the technical authority on cloud security design for new services and infra changes.
- Support SOX/SOC 2 compliance, evidence generation, and regulatory assurance activities.
- Mentor junior analysts on cloud security concepts and investigations.
- Operate autonomously in a lean team, prioritizing actions that reduce risk and enhance controls.

**Key Responsibilities:**
1. Own AWS security engineering, including preventative controls, detection, and monitoring.
2. Mature GuardDuty configuration, reduce noise, improve signal and cost.
3. Lead assessment, selection, and migration of security tooling (EDR, XDR, SIEM, CSPM).
4. Act as the cloud‑security point of reference for engineering and DevOps.
5. Provide deep technical expertise during incident investigations and triage.
6. Integrate security into CI/CD pipelines, IaC, and cloud‑native workflows.
7. Conduct cloud security architecture reviews and threat modelling for new services.
8. Participate in regulatory and assurance programs (SOX, SOC 2).
9. Develop scalable security standards, patterns, and documentation.
10. Mentor the security analyst on tooling and investigations.

**Required Skills:**
- 3–6+ years of hands‑on AWS security engineering in production.
- Deep knowledge of AWS security services (GuardDuty, IAM, logging, CloudTrail, CloudWatch).
- Experience evaluating and improving EDR/XDR/SIEM/CSPM solutions.
- Familiarity with regulated environments (financial services, insurance, legal).
- Practical understanding of audit, compliance, and control frameworks.
- Strong delivery mindset; proven ownership of security projects.
- Excellent written and verbal communication; ability to influence stakeholders.
- (Preferred) Scripting/automation (Python).
- (Preferred) IaC experience (Terraform, CloudFormation).
- (Preferred) Exposure to crypto/digital‑asset or highly cloud‑native microservices environments.

**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, or equivalent, or substantial equivalent experience.
- 3–6+ years in security engineering roles.
- (Preferred) Relevant certifications such as AWS Certified Security – Specialty, CISSP, or equivalent.
London, United Kingdom
Hybrid
Mid level
19-02-2026
Company Name
Techfellow Limited
Job Title
Lead Detection & Security Engineering Specialist | Leading Global Investment Group
Job Description
Job Title: Lead Detection & Security Engineering Specialist

Role Summary: Architect, implement, and scale enterprise detection, response, and security engineering capabilities in a fast‑growing, technology‑driven investment firm. Work directly with senior security and engineering leadership to design modern monitoring, incident response, identity, and infrastructure controls that meet regulatory standards while enabling business velocity.

Expectations:
- 5–12 years of experience in security engineering, detection engineering, or incident response in complex technical environments.
- Proven track record of designing and operationalizing detection strategies rather than merely triaging alerts.
- Hands‑on experience with SIEM, telemetry pipelines, or custom detection tooling.
- Strong background in systems engineering, software development, or infrastructure operations.
- Comfortable managing Linux‑based systems and cloud platforms.
- Ability to balance preventative controls with realistic operational constraints.
- Excellent written and verbal communication with senior stakeholders.

Key Responsibilities:
- Design and mature detection and response capabilities, including signal generation, alert quality, telemetry coverage, and response workflows.
- Implement high‑fidelity detection mechanisms (deception technologies, behavioural monitoring, anomaly‑based alerting).
- Build and maintain security controls across infrastructure, cloud services, and internal applications.
- Contribute to identity and authentication architecture (certificate services, machine‑to‑machine trust).
- Integrate security controls into engineering build and deployment pipelines.
- Define security standards aligned with regulatory expectations and business velocity.
- Lead incident investigations, perform root‑cause analysis, and drive durable remediation.
- Make architectural decisions that enhance long‑term resilience, scalability, and risk reduction.
- Continuously evaluate and expand monitoring coverage to close visibility gaps.

Required Skills:
- Security monitoring, telemetry pipelines, SIEM platforms, or custom detection tooling.
- Design and implementation of detection strategies, alert engineering, and response automation.
- Systems engineering, software development, or infrastructure operations experience.
- Linux system administration and cloud environment (AWS, Azure, GCP) expertise.
- Identity and authentication architecture (certificates, OAuth, SAML).
- Incident response, root‑cause analysis, and remediation planning.
- Strong written and verbal communication; stakeholder management.

Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).
- Industry certifications (preferred): CISSP, CISM, GCIH, GIAC Security Essentials, or equivalent.
- Additional certifications in cloud security (AWS Certified Security – Specialty, Azure Security Engineer Associate) and SIEM technologies (Splunk, QRadar) are a plus.
London, United Kingdom
Hybrid
Senior
19-02-2026
Company Name
Techfellow Limited
Job Title
Security Operations Engineer | Strategic Financial Risk Solutions Firm
Job Description
**Job title:** Security Operations Engineer

**Role Summary:** Security Operations Engineer responsible for detecting, triaging, and responding to threats across on‑premise and cloud infrastructures. Works within a small, high‑impact SecOps team to develop SIEM rules, automate response processes, and conduct advanced threat hunting, gradually expanding in‑house detection capabilities.

**Expectations:**
- 5–8 years of experience in security operations, incident response, or detection engineering.
- Hands‑on proficiency with SIEM, SOAR, threat intelligence platforms, and Microsoft security tools.
- Ability to write and tune detection rules (e.g., using KQL, SPL, or equivalent).
- Experience building and maintaining automation and integrations across security tooling.
- Strong knowledge of Azure, AWS, or similar cloud environments.
- Proactive mindset focused on continuous process improvement.
- Excellent verbal and written communication for technical and business audiences.
- Availability for a structured on‑call rotation (~1 week/month) and participation in incident response investigations.

**Key Responsibilities:**
1. Investigate, triage, and resolve security alerts from SIEM, SOAR, and monitoring platforms.
2. Develop, fine‑tune, and document SIEM detection rules, ensuring optimal balance between coverage and noise.
3. Conduct proactive threat hunting using telemetry, logs, and external threat intelligence sources.
4. Translate emerging threat intelligence into actionable detection improvements and playbook updates.
5. Identify, design, and implement automation to streamline incident response workflows across the tooling stack.
6. Support vulnerability management by identifying issues and tracking remediation within incident lifecycle.
7. Participate in technical incident response investigations and post‑mortem analysis.
8. Maintain detection playbooks, runbooks, and operational SOPs.
9. Collaborate with internal development, architecture, and ops teams to expand monitoring coverage.
10. Evaluate new security technologies and provide recommendations to enhance existing tooling.

**Required Skills:**
- Detection engineering (rule authoring & tuning).
- SIEM/SOAR platform administration (e.g., Splunk, QRadar, Azure Sentinel).
- Threat intelligence integration and analysis.
- Cloud security fundamentals (Microsoft 365, Azure AD, Azure Sentinel; AWS security services).
- Scripting (PowerShell, Python, or equivalent) for automation and integration.
- Incident response coordination and playbook development.
- Strong communication, documentation, and stakeholder engagement.
- Familiarity with regulated environments (financial services, insurance) is a plus.

**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field.
- Relevant certifications (e.g., CompTIA Security+, CEH, CISSP, Microsoft 365 Security Administrator, Azure Security Engineer Associate, or equivalent) preferred.
London, United Kingdom
Hybrid
09-03-2026