Wood Mackenzie
Cloud Security Specialist

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Wood Mackenzie
Wood Mackenzie is the global leader in analytics, insights and proprietary data across the entire energy and natural resources landscape.
For over 50 years our work has guided the decisions of the world’s most influential energy producers, utilities companies, financial institutions and governments.
Now, with the world’s energy system more complex and interconnected than ever before, sector-specific views are no longer enough. That’s why we’ve redefined what’s possible with Intelligence Connected.
By fusing our unparalleled proprietary data with the sharpest analytical minds, all supercharged by Synoptic AI, we deliver a clear, interconnected view of the entire value chain. Our trusted team of 2,700 experts across 30 countries breaks siloes and connects industries, markets and regions across the globe.
This empowers our customers to identify risk sooner, spot opportunities faster and recalibrate strategy with confidence – whether planning days, weeks, months or decades ahead.
Wood Mackenzie Values
- Inclusive – we succeed together
- Trusting – we choose to trust each other
- Customer committed – we put customers at the heart of our decisions
- Future Focused – we accelerate change
- Curious – we turn knowledge into action
Position Overview
We are looking for an experienced, hands-on Cloud Security Specialist to join our cyber security team. This is a technical individual-contributor role focused on securing our cloud and application environments day to day; designing and implementing controls, assessing our cloud posture, and working alongside engineering and DevOps teams to build security in from the start.
You'll be someone who is comfortable working directly in cloud consoles and security tooling, enjoys getting into the technical detail, and can communicate clearly with both technical teams and other stakeholders. You'll be a technical point of reference for colleagues on cloud security matters.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
- Design, implement, and maintain security controls across our cloud environment in alignment with our cyber risk and control framework
- Conduct cloud security assessments and architecture reviews, and track findings through to remediation
- Manage and tune cloud-native security tooling (CSPM, CWPP, cloud WAF)
- Working knowledge and input to identity and access management (IAM) policies and controls
- Coordinate cloud vulnerability remediation with the relevant teams
- Investigate cloud security events and support incident response
- Help ensure our cloud environment aligns with recognised frameworks and benchmarks (CIS, CSA CCM, NIST)
- Contribute to security policies, standards, and technical documentation
- Support compliance activities (e.g. SOC 2, ISO 27001, PCI-DSS, GDPR) as they relate to the cloud environment
- Keep current with emerging cloud threats, vulnerabilities, and tooling, and share knowledge with the team
- Supporting wider security team where possible
Essential Requirements
- 4+ years of cyber security experience, with 2+ years hands-on in cloud security
- Deep, practical experience securing your primary cloud platform (AWS and Azure)
- Working knowledge of IAM, network security concepts, and encryption/data-protection fundamentals
- Familiarity with at least one major security framework (NIST CSF, MITRE ATT&CK, CIS Benchmarks, or Zero Trust)
- Ability to explain security issues and trade-offs clearly to both technical and non-technical audiences
Desirable (nice To Have, Not Required)
- Experience integrating security into CI/CD pipelines / DevSecOps practices
- Exposure to SIEM platforms (e.g. Splunk, Sentinel) and EDR solutions
- Experience with SAST/DAST or vulnerability-scanning tools
- Background in penetration testing or offensive security
- Experience with threat intelligence or threat-hunting tooling
- Experience in a regulated industry (financial services, healthcare, energy)


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Technical Skills
- Strong, hands-on expertise with cloud platform security services and native tooling
- Understanding of network security, firewalls, IDS/IPS, and VPN technologies
- Comfortable working with IAM, cloud configuration, and infrastructure security settings directly
Certifications and Education (one or more is a plus, not essential)
- Bachelor's degree in Computer Science, Information Security, or a related field -or equivalent practical experience
- CCSP (Certified Cloud Security Professional)
- AWS Certified Security – Specialty
- Microsoft Certified: Azure Security Engineer Associate
- CISSP (Certified Information Systems Security Professional)
Soft Skills
- Strong analytical and problem-solving abilities
- Clear written and verbal communication
- Ability to explain complex security concepts to technical and non-technical audiences
- Strong attention to detail and the ability to prioritise under pressure
- Collaborative approach to working with cross-functional teams
Equal Opportunities
We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex (including pregnancy, sexual orientation, and gender identity), national origin, disability or protected veteran status. You can find out more about your rights under the law at www.eeoc.gov
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills