Form3 - External
Senior Cloud Security Engineer - AI Resilience & Security Enhancements (Contract)

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
The Project 📝
We're looking for an experienced Senior Cloud Security Engineer to join Form3 on a contract basis to deliver a strategic programme of security enhancements across our cloud-native payments platform.
Focusing on improving cloud security, operational resilience and governance across our engineering ecosystem, you will work closely with our Platform Engineering and Security teams to design and implement practical security improvements that enhance how we build, deploy and operate critical payment infrastructure.
You'll play a key role in strengthening areas such as cloud platform security, software supply chain security, identity and access management, AI governance, cryptographic controls and automated security assurance, ensuring solutions are scalable, production-ready and aligned with regulatory expectations.
Key Responsibilities
- Assess the current cloud security posture across Form3 environments, identifying risks, control gaps and opportunities for improvement.
- Design and implement scalable cloud security controls that improve the resilience and security of our cloud-native platform.
- Enhance perimeter security controls across cloud infrastructure.
- Strengthen CI/CD pipeline security through secure build processes, automated security testing, deployment governance and artefact integrity.
- Improve production access security, including RBAC, least-privilege implementation, deployment tooling and operational processes.
- Enhance software supply chain security through dependency management, container image scanning, provenance, signing and vulnerability remediation.
- Contribute to the secure adoption and governance of AI-enabled engineering capabilities, including controls for data protection, auditability and operational resilience.
- Provide technical leadership and guidance on cloud security architecture and secure engineering practices.
- Produce high-quality technical documentation, including solution designs, implementation plans, operational procedures and security evidence.
- Collaborate closely with engineering, platform and security teams to deliver maintainable, production-ready security improvements.
- Ensure all deliverables align with operational resilience requirements, regulatory obligations and internal security standards.
- Deliver changes using structured, low-risk change management practices while maintaining service availability.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
We’re Looking For 🔍
Essential
- Extensive experience designing and implementing cloud security solutions within large-scale cloud-native environments.
- Strong hands-on experience securing public cloud platforms (AWS preferred).
- Expertise in cloud security architecture, identity and access management, workload protection and infrastructure security.
- Experience securing CI/CD pipelines and modern software delivery practices.
- Strong understanding of software supply chain security, including dependency management, artefact signing, provenance and vulnerability management.
- Experience implementing least-privilege access models and RBAC.
- Knowledge of security monitoring, risk assessment and security governance.
- Experience working within highly regulated or business-critical production environments.
- Excellent stakeholder management and communication skills, with the ability to influence engineering teams.
- Strong technical documentation and design skills.
Desirable
- Experience implementing security controls for AI or machine learning platforms.
- Knowledge of cryptographic controls and key management.
- Experience with Infrastructure as Code and policy-as-code tooling.
- Familiarity with payment platforms or financial services environments.
- Understanding of operational resilience frameworks and regulatory requirements affecting critical financial infrastructure.
- Relevant cloud or security certifications (AWS Security Specialty, CISSP, CCSP or similar).
Tech Stack ⚙️
- AWS – Cloud infrastructure and security controls.
- Kubernetes – Container orchestration and workload security.
- Terraform – Infrastructure as Code and security automation.
- CI/CD tooling – Secure software delivery, build security and deployment governance.
- Container security tooling – Image scanning, vulnerability management and runtime protection.
- Identity & Access Management (IAM) – Least privilege, RBAC and privileged access controls.
- Software Supply Chain Security – Dependency scanning, artefact signing, provenance and integrity controls.
- Security monitoring & observability platforms – Detection, auditability and operational visibility.
- AI governance and security controls – Supporting secure adoption of AI-enabled engineering capabilities.
Interview Process ✍️


Get help with your application
Your very own career expert that helps elevate your application to the next level.
- Stage 1: Screening Call with Talent Team
- Stage 2: Kubernetes & Linux Interview
- Stage 3: Cloud Security & Engineering Best Practices interview
We always aim to stick to the above process, however there may be occasions when an additional interview stage is needed for us to be sure we’re hiring the right fit for the role.
Hiring Locations 📍
Here are the locations that we are looking to engage with contractors from. Please note, we are not looking to engage with contractors outside of these locations.
- Austria
- Bulgaria
- Croatia
- Cyprus
- Estonia
- Greece
- Hungary
- Italy
- Latvia
- Lithuania
- Malta
- Romania
- Slovakia
- Slovenia
All contractors start their first day in our office to collect the equipment needed to work remotely.
About Form3 💭
Revolutionising the world of payments with our cloud-native, multi-cloud platform. For more information about Form3, check out the following pages:
Our DEI&B Commitment
We hire talented people from a variety of backgrounds and experiences and are committed to a work environment based on diversity, open-mindedness and curiosity. We’re united by our company values (we even created them together!) and we celebrate our unique differences.
Our employee lifecycle processes are designed to embrace equal opportunity and prevent discrimination against our people regardless of personal characteristics. It is our strong belief that the more inclusive and belonging we are as a business, the better our work will be.
As an inclusive employer, we guarantee to interview all neurodiverse and physically disabled applicants who meet the minimum criteria for this role. We also encourage candidates to notify us of any reasonable adjustments that may be required during the recruitment process. This includes providing job adverts in alternative, accessible formats or adjustments required at interview stage.
If you consider yourself to be neurodiverse or physically disabled under the UN definition of disability and would like to be considered under this scheme and/or require any reasonable adjustments please let us know by sending an email to careers@form3.tech clearly stating your consent for us to process this data.
For more information please refer to our Recruitment Data Policy.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location