Senior Specialist, Cloud Cybersecurity and Infrastructure Engineer

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Want to make a positive difference to the future of people and our one shared home, the Earth? Working at WWF could be your opportunity of a lifetime.

All around the world, people are waking up to the devastating impacts of climate change and nature loss. The situation today is worse than the darkest predictions of just ten years ago, pushing billions of people to the edge and threatening lives and livelihoods. At WWF, we are facing our biggest crisis - and our biggest ever opportunity - to create a better future for people and nature. With over 60 years of experience and an active presence in more than 100 countries, we work to achieve both on-the-ground and global policy action, from protecting and restoring species and their habitats, to transforming markets and policies toward sustainability.

Our people come from hugely diverse backgrounds and with a variety of expertise, ranging from conservation science and advocacy to HR and finance. We welcome applications from anyone who believes they can help us tackle this enormous global challenge and drive the urgent conservation impact needed to restore our planet.

What We Do
We are an independent conservation organization, striving to sustain the natural world for the benefit of people and the ecosystem. From individuals and communities to businesses and governments, we are part of a growing global movement calling for bolder action on climate and nature, demanding that world leaders set nature on the path to recovery by 2030. WWF works to address the most dominant drivers of nature loss through system-wide changes in how food and energy are produced and consumed, and in how financial systems are structured. By implementing change in every country, we aim to drive visible and positive impacts on the ground, helping to restore nature in the most critical places around the world, from the Amazon to the Coral Triangle.

Engaging everyone means addressing the barriers to participation faced by some groups in society, including local communities. Conservation will only be sustainable if it is owned by, and benefits, local people. That's why Indigenous Peoples and local communities must be at the centre of action on climate and nature. WWF is committed to using its resources and global network to support these communities in creating together the most effective solutions where they live.

Humanity is still in time, we have a clear pathway to solve this crisis. At WWF, we call on everyone to join the global movement, change how we live, and take action now.

1 MISSION OF THE DEPARTMENT

To align and harmonize technology, digital and data capabilities across the WWF Network to enable conservation impact at scale while safeguarding the organization and the people we work with, through fit for purpose solutions that are device and hardware agnostic, mobile functional, built on integrated, secure and scalable cloud enabled technology platforms and are consistently delivered and supported anytime anywhere

2 MAJOR FUNCTIONS

• Supports the design, implementation, securing, operation and monitoring of WWF's cloud infrastructure which contributes to protecting the confidentiality, integrity and availability of WWF's data.
• Working with the Cloud and Infrastructure team, supports the planning, design, implementation, and optimization of cloud and infrastructure services across the organization, fostering a cohesive and sustainable digital ecosystem.
• Assists in the design, implementation, and monitoring of WWF's Identity and Access Management platform, ensuring interconnection between distributed and highly federated sites while assuring protection against unauthorised access.
• Plays a key role in ensuring the secure configuration of WWF's cloud platforms and applications by applying industry-leading security best practices and adhering to established configuration benchmarks.
• Will be responsible for detecting security incidents, by the use of an event monitoring system. Verifies log collection, reduces false-positives and maintains it operational.
• Conducts security assessments, interprets results, identifies critical vulnerabilities, reduces false-positives, and either performs or recommends corrective actions to remediate vulnerable systems and applications.
• Participates in the Incident Response process and contributes to conduct investigations and recommends countermeasures. Implements automatic responses to common incidents.

3 Major Duties and Responsibilities

• Supports the design, implementation, operation, securing and monitoring of WWF's cloud infrastructure to enable delivery business solutions and services to agreed service levels and ensure solutions and services are accessible on all end-user devices, wherever possible. On an as-needed basis, evaluates, recommends, and justifies appropriate products that support the security of the cloud environment.
• Supports the design, implementation and monitoring of WWF's Identity and Access Management platform to identify, authenticate and authorise users across distributed and federated sites. Installs, implements, and maintains cloud security services that prevent unauthorised access to services.
• support end-to-end availability and performance of key cloud and infrastructure services and build automation to prevent problem recurrence and automate response to different service conditions.
• Support the consistent adoption and integration of cloud services across the WWF network, optimizing for cost, performance, security and scalability.
• Collaborate with cross-functional teams to define and enforce IAM policies and procedures across the organisation's cloud-based systems and platforms.
• Contributes to strengthening the security posture of the organisation by regularly assessing cloud services configuration baselines, recommending and implementing improvements following clear change management procedures.
• Supports the implementation of a Security Information Event Management SIEM and assures that log collection is functional and relevant. Reduces false-positives and detects security incidents.
• Monitors and analyse security logs and alerts from cloud-based systems and platforms to detect and respond to potential security incidents. Configures where possible the centralisation of logs to SIEM systems.
• Conducts security assessments, through external partners, or by the use of vulnerability scanners. Interprets results, identifies critical vulnerabilities, and either performs or recommends corrective actions to remediate vulnerable systems and applications.
• Develops, implements and recommends cloud security architectures, policies and procedures in line with industry best practices, aligned with NIST, CIS and ISO frameworks.
• Documents all cloud security systems, and mission critical applications.
• Collaborates with cross-functional teams to ensure security requirements are integrated into newly or existing cloud applications, architecture, deployment, and operations.
• Stays up to date with the latest cloud security threats, trends, and technologies, and proactively identify areas for improvement.
• Participate in incident response processes and activities, including investigations, root cause analysis, remediation and lessons learnt.
• Work closely with the cybersecurity teams, and or IT teams from other locations.

4 PROFILE

Required Qualifications

• Bachelor's degree in Computer Science, Electrical/Electronic Engineering, Software Engineering, Information Technology, or related disciplines.
• Strong technical knowledge and expertise in administering and securing cloud environments such as Microsoft 365, Azure and AWS.
• Knowledge on programming languages, such as Python, Powershell, is also beneficial.
• 10 years of experience in managing and administering security on cloud base platforms, preferably using Microsoft platforms.
• Experience with cloud security frameworks, such as CIS benchmarks and the Cloud Security Alliance (CSA). Familiarity with security compliance standards and regulations, such as GDPR, PCI DSS and ISO 27001.
• Hands-on experience with security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SASE, DLP, SIEM & SOAR solutions, and vulnerability scanning tools. Experience with Microsoft 365 security tools such as Defender, Intune, EntraID and Azure is required.
• Solid understanding of networking concepts, protocols, and technologies related to cloud environments.
• Experience in developing and implementing policies, procedures, and security best practices aligned with NIST, CIS or ISO frameworks.
• Certifications in cybersecurity and Microsoft are an advantage, such as CISSP, GIAC, Azure Security, AWS or equivalent.
• Prior experience in technology implementation projects in a complex globally federated operating environment.
• Preferred hands-on experience consolidating and/or migrating across diverse technology platforms.
• Strong organizational, documentation, project management skills.
• Proficiency in English is essential. Other languages would be an advantage.

Required Skills and Competencies

• Strong analytical and problem-solving skills are required to solve technical incidents, analyse user requirements, identify gaps and opportunities, and make data-driven recommendations to improve the security posture of the organisation.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
• Proactive, outgoing approach towards introducing new ideas and participating in detailed technological discussion.
• Continuous Learning: The ideal candidate should possess a strong enthusiasm for acquiring new knowledge and skills. Should demonstrate a genuine passion for professional development, and actively seeks opportunities to expand their understanding and expertise.
• Identifies and aligns with the core values of the WWF organisation: Courage, Collaboration, Respect & Integrity;
• Demonstrates WWF behaviours in way of working: Strive for Impact, Listen Deeply, Collaborate Openly, Innovate Fearlessly;
• Adheres to WWF's brand values, which are: Knowledgeable, Optimistic, Determined and Engaging.

5 WORKING RELATIONSHIPS

Internal

• Cybersecurity team, Cloud and Infrastructure team, GTDS team, IT leaders across WWF Network, Cybersecurity champions, WWF International Leaders

External

• Cloud IT or Cybersecurity service providers
• WWF strategic partners

Please upload your covering letter and CV in English. Priority will be given to applications with both documents indicated.

Deadline for applications: 4 January 2026
Work permit restrictions may apply

Early application is encouraged as we will review applications throughout the advertising period and reserve the right to close the advert early.

At WWF, we are dedicated to fostering an inclusive and diverse workplace where every individual feels valued and respected. We believe that a diverse workforce will help us to achieve our mission to stop the degradation of the Earth's natural environment and to build a future in which humans live in harmony with nature. As an equal opportunity employer, we are committed to providing fair and unbiased consideration for all candidates regardless of their background. We encourage applicants from all backgrounds to apply and join us in fostering a diverse and inclusive workplace.