Covid-19 – Information for Candidates

Learn more

Cloud Security Architect | Flexible Location | TUI

  • Luton, United Kingdom

    Hanover, Germany

    Zaventem, Belgium

    Rijswijk, Netherlands

    Stockholm, Sweden

  • 22461

  • Digital & Technology

  • Permanent

  • Full Time

  • 37.5 hours

Hi, we’re TUI Technology, we make dreams happen, right now somewhere around the world someone’s holiday dreams are coming true. Our Technologists like to dream big, from big data through to big enterprise-scale solutions, they have their head in the clouds, the AWS Cloud that is! Our Technology dream-makers are transforming our business with the use of Cloud Technologies and now we have a new opening for a Cloud Security Architect to join the team.

You will join our Cloud Operations team to ensure technical governance and that all Cloud application designs meet security standards, designs, and patterns. You will be responsible for defining strategies with regards to vulnerabilities, threats and will advise on security aspects of the patching strategy.

This is an excellent opportunity to join the innovative and dynamic Technology team where you will be part of one of the world’s leading leisure travel companies operating in over 180 countries with more than 30 million customers in 27 key source markets. 

Due to the COVID-19 pandemic, our ways of working are a bit different just now with most of our colleagues working from home all the time.  Most colleagues worked from home a couple of days a week before the current situation, as looking after our colleague’s welfare is important to us. However, this role will likely begin with you being based at home, there will be lots of opportunities to connect with your colleagues via technology, and when we can get together face-to-face, we will.

How you will make an impact as a Cloud Security Architect

There are many ways for you to get involved:

The Cloud Security Architect focuses on highly strategic initiatives and is responsible for providing the highest level of security architecture direction for all globally led initiatives.  You’ll play a key role in ensuring consistent implementation of security controls and design principles across the group, helping colleagues understand where our data resides and how they’re protected.

The Cloud Security Architect is responsible for defining and implementing security monitoring, and controls within the Cloud Data Centre to ensure alignment with the Security Strategy.

Researching and supporting the design of new architectures, including shaping and leveraging key security patterns, to shape enterprise solutions that enable the customer to operate securely whilst exploiting technology to best effect.

Shaping, managing, and maintaining Product Security Architecture which supports the customer’s risk appetite and approach to cyber and information security to feed into the Product Roadmap.

You’ll use your industry knowledge, leadership, and collaboration skills to work closely with multi-discipline technology and business stakeholders across varying seniorities and domains, collaborating and recommending emerging technologies and technical approaches for solutions. 

Core responsibilities:

  • Cloud security subject matter expert (e.g. IaaS, PaaS, SaaS) across multiple cloud providers including Microsoft Azure, Amazon Web Services, Google Cloud and on-premises data centre implementations
  • Define and design AWS security standards and ensure data security, audit compliance and threat/risk model into solution designs.
  • Provide SME insight on threat intelligence, detection, assessment  and support incident response to treat events.
  • Ensure security is applied in IAM, Anti-Virus, Secret Management setup and configuration. Provide SME insight on their standards, principles, and assurance.
  • Ensure Security requirements are built into Non-Functional Requirements and Operational Acceptance Testing.
  • Define Account and workload security log sources, events, metrics, alarms, and response.
  • Support compliance and remediation activities.
  • Assist with Data Classification. Assist with local data protection requirements, standards, and technologies
  • Review cloud technology designs with GTS architects and engineers, focusing on security design, network architectures, security policies and standards, cybersecurity risk frameworks & data protection, taking local and regional regulatory requirements into account (e.g. residency & privacy)
  • Work with Cybersecurity, GTS Shared Services teams, and member firms on the practical implementation of cloud security architectures and capabilities
  • Perform vendor evaluations and proof of concepts for service improvements, in-flight projects, and emerging technologies.
  • Investigate, design, architect, and build specific infrastructure cybersecurity controls as they are identified & required.

What you will bring as a Cloud Security Architect

There is more than one way to the perfect fit – here are some of the ideal things:

  • Significant security Architecture strategy and delivery experience from working within enterprise-level organisations, having previously designed and implemented an approach to security architecture, aligned to Enterprise Architecture frameworks, with current knowledge of industry trends and emerging threats.
  • Significant experience of taking security architecture requirements through the architecture process to conclusion; developing security designs (business and system) and architectural artifacts to meet business needs including compliance to security standards, and supporting hybrid IT deployment, cloud services deployment in a multi-sourced resource model.
  • Extensive experience in working with Amazon Web Services (AWS), its products feature and capabilities including but not limited to IAM, SSO, Config, Lambda, Trusted Advisor, Inspector, Security Hub, Cognito, GuardDuty, KMS, Shield, etc as well as IaaS, PaaS and SaaS services covering the typical SLDC
  • Strong experience with a broad range of security technologies including NextGen Firewalls, DLP, NAC, IDS/ IPS, IdAM, Certificate Management, SIEM (in particular Splunk), Endpoint Protection, Anti-malware, vulnerability management.
  • Understand the principles of best practice security as embodied in ISO27001.
  • Excellent stakeholder management and consulting skills at all levels; ability to provide expert advice to senior business, technology, and security stakeholders on complex changes including technical changes in a dynamic environment.

TUI and you


  • Fantastic holiday benefits including discounts, special offers and the ability to purchase additional ‘TUI time off’
  • Health and Wellbeing support in five key areas – Financial, Health, Social, Community and Career
  • Discretionary Bonus Scheme
  • Private Medical Insurance, single cover with option to add dependants
  • Permanent Health Insurance
  • Pension scheme, life assurance and options to buy shares

TUI is the UK’s largest tour operator, our key brands include TUI, First Choice, Marella Cruises and Crystal Ski Holidays. Our airline is the country’s third largest with 62 aircraft operating to over 88 destinations in 30 countries. We have a team of more than 10,000 employees serving over 6 million customers each year.  We’re on a journey towards a more digital, connected and integrated future. But we haven’t arrived there yet.  We believe that differences drive innovation and we’re encouraging an environment where diverse talent thrives and it’s our unique colleagues that will shape the future of travel.

If you want to know more about why TUI Group is the world’s leading tourism group, and our continuing work in the diversity & inclusion space, simply visit