Security Engineer - Azure

Security Engineer - Azure
Buckinghamshire – 1 or 2 days a week in the office
Up to £70,000 salary plus a discretionary bonus of up to 15%

After a transformative 3-year change initiative, they have outlined a strategic 5-year plan to broaden their impact and enhance our operational efficiency. They are now seeking an Security Engineer to continue to develop their security posture, optimise, and maintain their security controls to protect the organisation's assets and data.

About the role

As the Security Engineer, you will be responsible for enhancing and maintaining security controls. They are a Microsoft Azure based, and we are looking for someone with security expertise for this environment.

This role involves working closely with technology teams to ensure robust security architecture, providing expert advice on security requirements, and managing all technical change activities related to security. You will also identify and address security design gaps and recommend enhancements to existing and proposed architectures.

What you will be responsible for?

1.Security Control Development:
-Develop and optimise security controls in collaboration with relevant technology teams.
-Ensure adherence to architectural principles during design to minimise risk.
-Drive adoption of security policies, standards, and guidelines across the organisation.

2.Provide consultancy and Expert Advice:
-Provide authoritative advice on security controls and requirements in collaboration with legal, technical support, and other functional experts.
-Maintain recognised expert-level knowledge in one or more security specialisms.
-Promote and support the development and sharing of specialist knowledge within the organisation.

3.Conduct Research and Analysis:
-Conduct research to evaluate, develop, and implement security practices and standards.
-Track and understand emerging security technologies and practices.
-Assess impacts, threats, and control opportunities, and create reports and technology roadmaps.
-Share knowledge and insights with relevant stakeholders.

4.SecOps and Security Administration:
-Monitor and ensure compliance with security administration procedures.
-Review information systems for potential security breaches and collaborate with SecOps for investigations and control changes.
-Contribute to the creation and maintenance of security policies, standards, procedures, and documentation.
-Support the maintenance of the companies NIST capability maturity.

What do you need to be successful?

-Experience as a Security Engineer or in a similar role with a strong background in IT Security/IT Operations.
-Demonstrable expertise in security controls and architecture.
-Proficiency in security frameworks such as ISO, NIST, and OWASP.
-Knowledge of Cloud infrastructure (e.g., Azure).
-Experience with security technologies (e.g., SIEM, EDR, IPS, web and email gateways).
-Qualifications (desirable): CISSP or similar certification, TOGAF or similar architectural framework certification, Vendor technology training/certifications (e.g., SIEM, EDR, IPS), Experience in security delivery roles.