The company's family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a real-time, 3D command and control centre.

As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion and networking technology to the military in months, not years.

We are seeking a mission-driven Cloud Infrastructure Engineer to take a leading role in designing and implementing world-class defensive controls. This is a high-impact role with the autonomy to shape security architecture and protect the technology that is changing the future of defence.

Key Responsibilities:

• Design and Own Security Architecture: Architect, build and deploy robust, scalable security controls for our corporate, development and production cloud environments (AWS, Azure, GCP).

• Automate Everything: Develop and automate infrastructure-as-code (IaC) to manage and scale our cloud deployments securely and efficiently.

• Proactively Defend: Continuously monitor, identify and remediate security weaknesses and configuration drift across our entire cloud footprint.

• Be a Force Multiplier: Partner with infrastructure, application and product teams to embed security best practices into their workflows and secure environments holding mission-critical data.

• Enable Scale and Reliability: Engineer systems and processes that ensure our platforms are highly available, resilient and prepared for rapid growth.

• Serve as a Cloud Security Expert: Act as the go-to subject matter expert for teams across Anduril, providing guidance, mentorship and paved-road solutions for building securely in the cloud.

Requirements:

• Proven experience building and securing complex cloud environments, typically gained through 3+ years in a Cloud Security, DevOps or SRE role.

• Deep proficiency in at least one major cloud provider (AWS, Azure or GCP).

• Strong hands-on experience with Infrastructure as Code (e.g., Terraform, CloudFormation, Bicep).

• Solid programming/scripting ability in one or more languages (e.g., Python, Go, Rust).

• Firm understanding of public cloud networking principles (e.g., VPCs, subnets, routing, security groups).

• Must be a U.S. Person and eligible to obtain and maintain a U.S. Top Secret security clearance.

Preferred Qualifications:

• Experience hardening and monitoring Kubernetes clusters (EKS, GKE, AKS).

• Experience with cloud security posture management (CSPM) or threat detection tooling.

• Familiarity with CI/CD pipelines and securing the software supply chain.

• Knowledge of compliance frameworks such as FedRAMP, MRL, SOC 2 or CMMC.

• On-premises network engineering experience.

XML job scraping automation by YubHub

What we're all about

At Quantexa, we're a team of innovators and problem solvers who are passionate about creating real change for our clients and their industries. We're driven by a desire to do things better than the last time, and we're always looking for talented individuals to join our team.

The opportunity

We're seeking a highly skilled Cyber Security Engineer to join our Security Operations team. As a Cyber Security Engineer, you will play a key part in protecting Quantexa's systems and data from cyber threats. You will be responsible for the day-to-day operation, optimisation, and monitoring of core security platforms, with a particular focus on Zscaler, Cloud monitoring through Wiz, and Endpoint Detection and Response through CrowdStrike.

Responsibilities

Wiz (Cloud Security Posture Management)

• Monitor and triage Wiz findings daily, validating alerts and determining operational impact.
• Perform tuning and threat hunting within Wiz and other tooling.
• Identify misconfigurations, excessive permissions, and exposed assets, escalating where required.
• Track remediation progress with engineering owners and ensure closure of high-priority issues.

Zscaler (Web Security Tunnel 2.0)

• Review and triage Zscaler alerts and policy violations, following documented response procedures.
• Investigate suspicious traffic, access attempts, and user activity to determine legitimacy and risk.
• Support enforcement actions by validating policy alignment and working with IT and Cloud teams to remediate issues.
• Monitor coverage and configuration across users and locations, identifying gaps or misconfigurations.
• Support policy tuning by analysing false positives and recommending rule or policy adjustments.
• Contribute to playbook development, operational maturity, and ongoing service readiness.

CrowdStrike (Endpoint Detection and Response)

• Review and triage endpoint detections, applying documented response steps.
• Execute containment actions, including network isolation and sensor troubleshooting.
• Validate full sensor coverage across the estate and address gaps in coordination with IT.
• Support tuning activities by analysing false positives and proposing rule refinements.
• Contribute to playbook improvements and operational readiness tasks.

Security Operations

• Conduct initial investigation of security incidents, collect evidence, and escalate based on severity with a keen eye on the quality of the output.
• Perform daily review of alerts across our SIEM, Wiz, CrowdStrike, and other platforms.
• Validate vulnerabilities and configuration weaknesses raised by scanning tools.
• Ability to interpret and operationalise threat intelligence, understand how it informs detection, prioritisation, and response activities, and clearly communicate technical threat intelligence to non-technical stakeholders.
• Support cloud security controls, identity hygiene checks, and network policy reviews.
• Contribute to the ongoing maturity and documentation of operational processes.

Collaboration and Ways of Working

• Act as a trusted operational partner to the Cyber Security Manager and the wider Information Security team, providing proactive support and consistent engagement.
• Partner closely with DevOps, IT, and Engineering teams to drive timely and effective remediation actions.
• Deliver clear and concise updates on incidents and operational activities proactively, without the need for prompting.
• Actively participate in team stand ups, contributing constructively to continuous improvement and operational maturity.
• Support senior engineers with platform enhancements, integrations, and controlled change activities.

What you'll bring

• Demonstrated hands-on experience with security operations, incident triage, or vulnerability management.
• Familiarity with EDR platforms (ideally CrowdStrike) and security telemetry analysis.
• Knowledge of cloud environments, particularly Azure including Entra and Conditional Access, and a good understanding of cloud security concepts.
• Ability to understand alert context, assess impact, and follow structured response processes.
• Strong attention to detail, disciplined documentation, and good communication skills.

Benefits

• Competitive salary
• Company bonus
• Hybrid workplace & free access to global WeWork locations & events
• Pension Scheme with a company contribution of 6% (if you contribute 4% or more)
• 25 days annual leave
• Flexible working hours
• Professional development opportunities
• Access to a range of employee benefits, including health insurance, gym membership, and more

XML job scraping automation by YubHub