A leading Independent IT Infrastructure and Services Consultancy is looking for a Cloud Security Engineer
6-month contract initially
Occasional travel to Hatfield
Outside IR35
The Cloud Security Engineer will be part of the Platform Security – Security Engineering team, focusing on securing Microsoft Azure environments.
The role involves designing, implementing, and maintaining cloud security solutions, integrating DevSecOps practices, and enhancing Microsoft Defender for Cloud capabilities.
Key Responsibilities
Design and manage Azure-native security controls (Defender for Cloud, Azure Policy).
Develop Infrastructure as Code (IaC) templates using ARM, Bicep, Terraform.
Integrate security into DevOps workflows (Azure DevOps, GitHub Actions).
Monitor and remediate security alerts and compliance gaps.
Collaborate with SOC to improve detection and response.
Automate security operations using Logic Apps, Function Apps, REST APIs.
Conduct threat modeling and risk assessments.
Advise teams on secure-by-design principles.
Build dashboards with Azure Monitor, Workbooks, Power BI.
Align cloud configurations with standards (CIS, NIST, ISO 27001).
Onboard telemetry into Microsoft Sentinel.
Performance Indicators
Improved cloud security posture.
Effective cross-functional collaboration.
Reduction in unresolved Defender for Cloud recommendations.
Proactive process improvements and stakeholder engagement.
Required Qualifications & Skills
Microsoft Azure certifications: AZ-500, AZ-400, AZ-104, AZ-900.
Strong experience with Defender for Cloud, Azure deployment, and automation.
Proficiency in IaC (ARM, Bicep, Terraform) and scripting (PowerShell, CLI, Python, Bash).
Knowledge of Azure governance, networking security, CI/CD pipelines, identity management (Entra ID, PIM).
Experience with Microsoft Sentinel, Log Analytics, Logic Apps, and reporting.
Desirable Qualifications
Additional certifications: SC-200, SC-900.
Experience with SIEM/SOAR, Cribl Stream, and advanced Sentinel integrations.
#LI-DNI
- Karl Randall
