Rodeo
ResourcesPartnersSign in

Simmons & Simmons

Cloud Engineer – Security

Bristol
Posted about 16 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

The role:

We are looking for a Cloud Engineer to join our IT department in Bristol or London.

Simmons & Simmons is building an Internal Developer Platform to give our product teams a fast, self-service, well-governed route to ship software on Azure. This role makes security the default along that route rather than a gate at the end of it.

You’ll be the security specialist embedded in the Cloud Engineering team — the person who designs and builds the controls, guardrails and tooling that let developers do the secure thing without having to think hard about it. Just as importantly, you’ll be the connective tissue between our central Security function and the product teams: translating security requirements into platform capabilities, and giving Security confidence that the platform enforces what policy demands. It’s a build-and-enable role, not an operational response one.

You’ll work code-first and pipeline-driven throughout, mainly across Azure and GitHub, and you’ll use agentic AI as a core part of how you design, build and scale security tooling.

What will you do:

  • Be the security bridge and point of contact

    • Act as the named security point of contact for the Cloud Engineering team, and the bridge between the central Security team and product teams — so security requirements turn into working platform features instead of tickets and friction.
    • Represent the platform’s security posture to Security and to assurance and audit, and bring Security’s priorities back into the engineering roadmap.
    • Coach and support product teams so that secure patterns become self-service defaults rather than things people queue for.
  • Build security into the Internal Developer Platform

    • Help shape and build the IDP so that secure-by-default paths are the easiest paths — golden paths with controls, identity and compliance baked into the templates teams start from.
    • Design and implement guardrails as code: policy-as-code, identity and access patterns, and the automated checks that keep the estate compliant by construction.
    • Make evidence a by-product of the platform, so assurance and audit can be satisfied from what the pipelines already produce rather than from manual evidence-gathering.
  • Own security tooling and best practice across the IDP

    • Select, integrate and operate security tooling across Azure and GitHub — pipeline security gates, code and dependency scanning, secret detection, and posture management — so checks run automatically and block non-compliant changes from progressing.
    • Define and document the engineering standards and reusable patterns the wider team and product teams build on.
    • Continuously improve the security baseline across the estate as the platform and the threat landscape evolve.
  • Apply agentic AI to security engineering

    • Use agentic AI tooling as a core part of how you design, build, analyse and scale security work — for example to accelerate policy authoring, change-impact analysis and validation.
    • Help the team adopt agentic AI safely and effectively, establishing the patterns and guardrails for using it well within an engineering workflow.
  • Build and run the platform on Azure

    • Design, build and operate the core Azure platform the IDP runs on - landing zones, networking, identity, and the shared services product teams depend on - as reliable, self-service capabilities rather than bespoke, ticket-driven infrastructure.
    • Deliver infrastructure as code: reusable Bicep/Terraform modules, pipeline templates and golden paths that let teams provision compliant Azure resources without reinventing the foundations each time.
    • Own the operational health of the platform - observability, cost management, resilience and lifecycle/upgrades - so the estate stays secure, performant, and well-governed as it grows.
    • Partner with product teams to evolve the platform from real consumption, turning recurring needs into paved, supported capabilities instead of one-off solutions.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

What we are looking for:

Essential

  • Demonstrable experience securing cloud platforms in production, with strong hands-on Azure depth (identity and access, networking, governance).
  • A code-first way of working: infrastructure and policy as code, and confident use of GitHub (or equivalent) with CI/CD pipelines as the primary delivery mechanism.
  • Practical experience embedding security into pipelines — scanning, policy gates, secrets management — so that controls are automated rather than manual.
  • Hands-on experience embedding SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) into CI/CD pipelines, including triaging and tuning findings and enforcing them as policy gates.
  • Hands-on use of agentic AI tooling in an engineering context, and a clear point of view on how to apply it well and safely.
  • The communication and relationship skills to work as a genuine bridge between a central security function and delivery teams, explaining security to mixed technical audiences and influencing without authority.
  • A platform-as-a-product mindset — treating developers as customers and measuring success by adoption and reduced friction, not just controls shipped.

Desirable

  • Experience in a regulated environment (legal, financial or professional services) and familiarity with the assurance and audit evidence that comes with it.
  • Specific Azure and GitHub security tooling: Microsoft Defender for Cloud, Microsoft Sentinel, GitHub Advanced Security, Entra ID PIM and RBAC, Bicep, PowerShell.
  • Policy-as-code frameworks (for example Azure Policy or Enterprise Policy as Code) and OIDC-federated pipeline identity.
  • A relevant degree is preferable but not required — we care more about what you can do than where you learned it.

Career Level:

The career level assigned to this role is level 3. The career level framework provides a formal structure for the business services functions at the firm. The framework, which ranges from level 1 to level 7, clearly defines the responsibilities, skills and competencies required at each level.

Here at Simmons & Simmons:

At Simmons, we are proud of our collaborative, open and non-hierarchical culture, where everyone is treated with respect and dignity and the wellbeing of our people is paramount. Our dynamic minds work as one integrated team, partnering with leading organisations on inspirational and thought-provoking projects that matter. From day one, irrespective of job title, qualification or background, everyone’s voice is heard, and you are encouraged to have an enquiring mind and share ideas that drive the firm forward. Through innovative learning and development opportunities, you will have a platform to excel, exceed your career ambitions, and achieve things you never thought possible.

Some key information:

  • We offer a competitive package including bonuses dependant on role/level, private medical insurance and pension contribution.
  • Our global skills academy provides our people, regardless of their role and location, with excellent learning opportunities (including live workshops, podcasts, short videos and practical learning experiences).
  • We have adopted a hybrid working approach with a requirement for a minimum of three days in the office with flexibility dependant on role/team/client demands.
  • We are proud to rank as a Times Top 50 Employer for Gender Equality, a Stonewall Top Global Employer, and a Top 75 Employer for Social Mobility.
  • We have a range of social and sports committees, summer and winter parties and monthly get togethers.
  • We have a range of diversity networks to connect people and celebrate our differences which is integral to our inclusive culture.
  • All UK offices have their own artwork collections – including Damien Hirst and Tracey Emin pieces in the London office. We have a long-standing history in supporting the art community especially up-and-coming artists.
  • We have recently introduced a Strategic Advisory Council which is a mix of associates and business services who will propose strategic initiatives that align with our firm's mission and support the delivery of our business plan, shaping the future of our next-generation law firm.
  • Our in-house generative AI tool, Percy, won the ‘Innovation in Automation and AI Tools’ category at the 2024 FT Innovative Lawyers Europe Awards. This achievement highlights our commitment to technological innovation and client service.
  • We have been commended in The Times Best Law Firms 2026 across three categories: construction, employment, and intellectual property. Our profile is highly positive, highlighting our sector specialisms and notable case and transactional work.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Equal opportunities:

We are committed to fostering equality, diversity and inclusion within our firm and to ensuring equal employment opportunities. We believe that this commitment creates a vibrant and rewarding work environment. We are therefore committed to:

  • Upholding equal opportunities, regardless of race, ethnicity, religion, belief, age, disability, sexual orientation, sex, gender reassignment, gender identity, marital status, or pregnancy, including maternity and paternity. This commitment extends to addressing any instances of perceived or associative discrimination and harassment. We also ensure fair treatment during recruitment and selection processes for those who are serving or have served in the armed forces, along with their families.
  • Accommodating requests for flexible working arrangements whenever possible. We encourage you to discuss your needs with us if this is something you require.
  • Making our roles accessible to individuals with diverse abilities. If you need any reasonable adjustments during the recruitment process, please let us know so we can meet your needs.
  • We offer a range of employee networks to support our colleagues. More information about these networks can be found in the D&I Information booklet that candidates are sent when invited to interview.

We encourage you to apply even if you don't meet every single requirement. We are looking for individuals who are passionate and eager to learn and grow with us. Your unique experiences and perspectives could be a great addition to our team.

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

If you’re interested in finding out more about

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Cloud Security
Azure
GitHub
Infrastructure as Code
Policy as Code
SAST
DAST
Agentic AI
Networking
Governance
Identity Management
Compliance
Observability
Cost Management
Resilience
Collaboration

Location

Bristol, England, United Kingdom

Sign up to applySee more jobs like this