Senior Security Engineer

We are seeking a skilled and detail-oriented Security Engineer with expertise in Microsoft technologies to join our security engineering team within a rapidly expanding team that provides security services to protect our business and clients. This role will report into our Security Engineering Manager and will work closely across all IT Teams and business units.

In this role, you will be responsible for implementing, managing, and optimizing security solutions to protect our IT infrastructure, cloud environments, and applications. The ideal candidate will have hands-on experience with Microsoft security tools and technologies, such as Azure, Microsoft 365, Microsoft Purview and Microsoft Defender, and will play a critical role in safeguarding our digital assets.

Requirements

What You'll Do:

Security Solution Implementation

• Implement, configure, and manage security solutions in Microsoft environments, including Azure, Microsoft 365, Microsoft Defender, Microsoft Purview and other Microsoft security tools.
• Ensure the secure deployment and configuration of Microsoft cloud resources, applications, and services, adhering to security best practices and company policies.
• Set up and maintain security controls such as firewalls including WAFs, VPNs, and endpoint protection across all environments.

Threat Detection and Incident Response

• Monitoring Network security portals and information feeds, responding to security events and escalating incidents where required;
• Investigate and respond to security incidents, performing root cause analysis and ensuring timely mitigation of risks and vulnerabilities.
• Collaborate with the Security Operations team to ensure effective detection and response to threats targeting the firms environments.

Identity and Access Management (IAM)

• Implement and manage identity and access controls in Azure Active Directory (AAD), including multi-factor authentication (MFA), conditional access policies, and role-based access control (RBAC).
• Assist in the deployment of identity governance solutions to secure user access across Microsoft 365 and Azure environments.
• Support the organisation’s adoption of Zero Trust principles within the Microsoft ecosystem.

Vulnerability Management and Risk Assessment

• Regularly assess and monitor Microsoft systems and services for vulnerabilities and security gaps, using tools like Microsoft Defender for Endpoint and Azure Security Centre.
• Collaborate with other teams to ensure timely patching and remediation of vulnerabilities within the environment.
• Perform security assessments and risk analysis for new Microsoft technologies, AI and cloud services.

Security Automation and Optimisation

• Automate security processes and tasks using PowerShell, Azure CLI, and other tools to improve efficiency and response times.
• Optimise security configurations across Microsoft environments to ensure best practices and consistent application of security controls.
• Continuously review and improve existing security processes, tools, and policies.

Compliance and Reporting

• Ensure Microsoft-based systems meet regulatory requirements (e.g., GDPR), internal security standards (ISO, SOC) and policies.
• Assist in security audits and assessments, providing the necessary documentation and evidence to support compliance initiatives.
• Generate regular security reports, dashboards, and metrics using Microsoft security tools to provide visibility into the health and security of Microsoft environments.

Collaboration and Effective Communication

• Work closely with IT, system administrators, and other security teams to coordinate incident response efforts, identify vulnerabilities, and implement mitigation strategies across the Microsoft technology stack.
• Communicate regularly with the Service Delivery managers and Service Delivery team members.
• Ensure that the IT Security documentation is maintained and updated regularly as required.
• Provide guidance and support to internal teams regarding Microsoft security best practices, threat mitigation, and incident response.
• Participate in security projects, including cloud migration efforts, that involve Microsoft technologies, ensuring security is a top priority.
• Provide input to the monthly IT Security report.

Who You Are:

• 3+ years of experience in security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Azure, Microsoft Purview, and related Microsoft security products.
• Experience of working in a diverse Global Company;
• Experience in Data Loss Prevention (DLP) and Information Classification tools, Microsoft Purview and Azure Information Protection preferred.
• Understanding of key network and infrastructure security solutions such as firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM (Sentinel);
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools (Nessus/Tenable.io/Qualys);
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Hands on experience of applying security to Windows server, SQL Server and endpoints;
• Knowledge of security technologies (encryption, data protection, permissions, privilege access etc.);
• Knowledge of applying CIS benchmark policies in Azure & O365;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Good working knowledge of Active Directory services, including reporting and auditing of Active Directory objects;
• Experience of investigating security issues/incidents;
• Skilled in using scripting tools (PowerShell, MS CLI & VBS).
• Understand Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors;
• Experience of dealing with third party security managed service providers;
• Desirable qualifications, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Cloud Security Professional (CCSP) or other similar security certifications or demonstratable experience.
• Good communication (English Writing, Reading and Speaking) skills and ability to articulate subjects clearly.
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organised, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.
• Takes the initiative to proactively resolve issues within own remit and recognises when escalation is required;
• Uses own knowledge and experience to make sounds judgements or assist others with sound judgements;
• Considers the regional and global implications of what we do in our own areas of responsibility;
• Identifies and builds relationships across team and region;
• Understands need to work within project scope, including price;
• Shows understanding of others in order to influence as appropriate.