Cybersecurity Consultant

London
3 weeks ago
Create job alert

Job Description: Cybersecurity Consultant (Cloud, Data, AI & Microsoft Security)

Department: Information Security - (Data & AI team)

Duration: Duration 4 months

Location: London (Hybrid)

Role Overview

We are looking for a highly skilled Cybersecurity Consultant with strong expertise across Microsoft Security, Cloud Security, Data Protection, and emerging AI/LLM security and governance. The role focuses on identifying security gaps, defining secure-by-design patterns, supporting product and platform teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions.

You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams.

Rationale/deliverables:

Contribute to the Operating Securely program by providing information security advice and support to product and engineering teams and validate that security controls are in place and issues / vulnerabilities remediated
Perform technical risk assessments for proposed new and changing systems, including products that are designed and built by the client as well as the secure deployment and configuration of business applications that report on and analyse data, e.g. Power BI
Perform technical risk assessments and advise product and engineering teams on the secure implementation of AI based solutions, e.g. autonomous AI agents, LLMs, LRMs, and AI-enhanced productivity systems
Support the roll-out of the new AI information security control framework
Support the Data governance team

Key Responsibilities

Perform threat modelling(STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems.
Identify security control gaps, especially around data pipelines, repositories, network security, API security, middleware, and cloud architectures.
Conduct technical security risk assessments, produce risk statements/reports, and support teams with remediation and mitigation strategies.
Develop security controls, standards, and documentationfor product teams, platform engineering, and data services (e.g., pipelines, warehouses, data sources).
Provide expert guidance on Microsoft Security Stack, including:
Microsoft Defender (XDR, MDE, MDI)
Microsoft Entra ID (SSO, MFA, Conditional Access, PIM)
Microsoft Purview (DLP, Information Protection, Data Governance, DSPM)
Microsoft 365 Copilot & GitHub Copilot security enablement
Partner with data governance, platform engineering, DevOps, and architecture teams to embed secure-by-design
Support secure adoption of cloud-native technologies(Azure), DevSecOps pipelines, GitOps practices, and GitHub Advanced Security (GHAS).
Oversee security controls for cryptography, key management, secrets management, HSM/Key Vault configurations, and cloud network security (firewalls, proxies, segmentation).
Drive secure integration of AI/LLM tools, including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection.
Participate in cloud monitoring, detection & incident response, working with SIEM/XDR tooling and platform/application teams.
Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle managementof sensitive data.

Essential Skills & Experience

Strong understanding of security frameworks(CIS), MITRE ATT&CK, and AI/LLM security frameworks.
Hands-on experience with Azure cloud security, DevSecOps, and cloud-native architectures.
Expertise with Microsoft 365 Securityand Azure Security
Strong knowledge of IAM(SSO, MFA, Conditional Access, AAD/Entra, PIM).
Experience delivering data security, DLP, DSPM, and governance controls using Microsoft Purview.
Practically skilled in AI security, including risk identification, secure integration patterns, and AI governance models.
Experience with cloud monitoring, incident response, SIEM/XDR operations.
Ability to translate complex security risks into clear business language and actionable recommendations.

Desirable Skills

Experience with secure data platforms (Azure Data Factory, Data Lake, SQL, or similar).
Knowledge of API, container security, Kubernetes, and infrastructure-as-code security.
Familiarity with PCI, GDPR, data privacy requirements, and compliance frameworks.
Exposure to adaptive protection, insider risk management, and automated DLP frameworks.

Personal Attributes

Strong communicator able to work across engineering, data, product, and business teams.
Highly analytical with a structured approach to problem-solving.
Comfortable in fast-paced environments undergoing modernization and AI adoption.
Ability to influence teams and drive secure-by-design culture across the organization

Related Jobs

View all jobs

CyberSecurity – Operations Engineer – Graduates Considered

CyberSecurity Operations Engineer – Graduates Considered

Operational Technology (OT) Security Consultant

Information Security Consultant

Recruitment

Cyber Security Consultant | Security Assurance SME

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.