Brexit and COVID-19 – Information to Candidates

Learn more

Cloud Security Architect - Flexible Location - Enablers

  • Flexible

    Luton, United Kingdom

    Hanover, Germany

    Rijswijk, Netherlands

    Zaventem, Belgium

  • 22461

  • Digital & Technology

  • Permanent

  • Full Time

  • Dependant on local contract

Hi, we’re TUI Technology, we make dreams happen, right now somewhere around the world someone’s holiday dreams are coming true. Our Technologists like to dream big, from big data through to big enterprise-scale solutions, they have their head in the clouds, the AWS Cloud that is! Our Technology dream-makers are transforming our business with the use of Cloud Technologies and now we have a new opening for a Cloud Security Architect to join the team.

You will join our Cloud Operations team to ensure technical governance and that all Cloud application designs meet security standards, designs, and patterns. You will be responsible for defining strategies with regards to vulnerabilities, threats and will advise on security aspects of the patching strategy.

This is an excellent opportunity to join the innovative and dynamic Technology team where you will be part of one of the world’s leading leisure travel companies operating in over 180 countries with more than 30 million customers in 27 key source markets. 

Due to the COVID-19 pandemic, our ways of working are a bit different just now with most of our colleagues working from home all the time.  Most colleagues worked from home a couple of days a week before the current situation, as looking after our colleague’s welfare is important to us. However, this role will likely begin with you being based at home, there will be lots of opportunities to connect with your colleagues via technology, and when we can get together face-to-face, we will.

How you will make an impact as a Cloud Security Architect

There are many ways for you to get involved:

The Cloud Security Architect focuses on highly strategic initiatives and is responsible for providing the highest level of security architecture direction for all globally led initiatives.  You’ll play a key role in ensuring consistent implementation of security controls and design principles across the group, helping colleagues understand where our data resides and how they’re protected.

The Cloud Security Architect is responsible for defining and implementing security monitoring, and controls within the Cloud Data Centre to ensure alignment with the Security Strategy.

Researching and supporting the design of new architectures, including shaping and leveraging key security patterns, to shape enterprise solutions that enable the customer to operate securely whilst exploiting technology to best effect.

Shaping, managing, and maintaining Product Security Architecture which supports the customer’s risk appetite and approach to cyber and information security to feed into the Product Roadmap.

You’ll use your industry knowledge, leadership, and collaboration skills to work closely with multi-discipline technology and business stakeholders across varying seniorities and domains, collaborating and recommending emerging technologies and technical approaches for solutions. 

Core responsibilities:

  • Cloud security subject matter expert (e.g. IaaS, PaaS, SaaS) across multiple cloud providers including Microsoft Azure, Amazon Web Services, Google Cloud and on-premises data centre implementations
  • Define and design AWS security standards and ensure data security, audit compliance and threat/risk model into solution designs.
  • Provide SME insight on threat intelligence, detection, assessment  and support incident response to treat events.
  • Ensure security is applied in IAM, Anti-Virus, Secret Management setup and configuration. Provide SME insight on their standards, principles, and assurance.
  • Ensure Security requirements are built into Non-Functional Requirements and Operational Acceptance Testing.
  • Define Account and workload security log sources, events, metrics, alarms, and response.
  • Support compliance and remediation activities.
  • Assist with Data Classification. Assist with local data protection requirements, standards, and technologies
  • Review cloud technology designs with GTS architects and engineers, focusing on security design, network architectures, security policies and standards, cybersecurity risk frameworks & data protection, taking local and regional regulatory requirements into account (e.g. residency & privacy)
  • Work with Cybersecurity, GTS Shared Services teams, and member firms on the practical implementation of cloud security architectures and capabilities
  • Perform vendor evaluations and proof of concepts for service improvements, in-flight projects, and emerging technologies.
  • Investigate, design, architect, and build specific infrastructure cybersecurity controls as they are identified & required.

What you will bring as a Cloud Security Architect

There is more than one way to the perfect fit – here are some of the ideal things:

  • Significant security Architecture strategy and delivery experience from working within enterprise-level organisations, having previously designed and implemented an approach to security architecture, aligned to Enterprise Architecture frameworks, with current knowledge of industry trends and emerging threats.
  • Significant experience of taking security architecture requirements through the architecture process to conclusion; developing security designs (business and system) and architectural artifacts to meet business needs including compliance to security standards, and supporting hybrid IT deployment, cloud services deployment in a multi-sourced resource model.
  • Extensive experience in working with Amazon Web Services (AWS), its products feature and capabilities including but not limited to IAM, SSO, Config, Lambda, Trusted Advisor, Inspector, Security Hub, Cognito, GuardDuty, KMS, Shield, etc as well as IaaS, PaaS and SaaS services covering the typical SLDC
  • Strong experience with a broad range of security technologies including NextGen Firewalls, DLP, NAC, IDS/ IPS, IdAM, Certificate Management, SIEM (in particular Splunk), Endpoint Protection, Anti-malware, vulnerability management.
  • Understand the principles of best practice security as embodied in ISO27001.
  • Excellent stakeholder management and consulting skills at all levels; ability to provide expert advice to senior business, technology, and security stakeholders on complex changes including technical changes in a dynamic environment.


TUI and you


  • Fantastic holiday benefits including discounts, special offers and the ability to purchase additional ‘TUI time off’
  • Health and Wellbeing support in five key areas – Financial, Health, Social, Community and Career
  • Discretionary Bonus Scheme
  • Private Medical Insurance, single cover with option to add dependants
  • Permanent Health Insurance
  • Pension scheme, life assurance and options to buy shares


At TUI, we know people are as diverse as the destinations we send our customers to. ​Just as travel is about exploration, we are on a continuous journey to make our work culture more inclusive.​ Spending time with us, whether you are at work or on holiday, enables you to relax and be yourself in a safe environment. ​We love to see your uniqueness shine through and inspire the future of travel.​  If you would like to read more about what Diversity & Inclusion means to us simply visit Our DNA