L

Azure Security Engineer Contract

LGBT Great
Contract
Remote friendly (Not Specified)
United Kingdom
£80,000 - £100,000 GBP daily
Overview

Azure Security Engineer - UK (Hybrid)

3 month initial contract outside IR35

Focus: Vulnerability Remediation, Defender Suite, Purview Compliance

We are hiring an Azure Security Engineer to strengthen our Microsoft security posture with a hands-on focus on improving Defender for Cloud findings, remediating vulnerabilities across Azure and endpoint estates, and uplift of compliance and data protection controls.

This is a role for someone who enjoys fixing things, not just recommending. You'll be embedded with engineering and infrastructure teams, working through remediation tasks, tightening configuration, and improving real-world risk reduction week by week.

Responsibilities
  • Microsoft Defender Suite (Primary Requirement)
    • Monitor and remediate vulnerabilities surfaced by Defender for Cloud
    • Manage and optimise Defender for Endpoint, attack surface reduction and device hardening
    • Operate and tune External Attack Surface Management (EASM) findings and asset exposure
    • Improve Secure Score and continuously reduce risk through technical remediation
    • Collaborate with SOC to triage, respond, and close findings
  • Data Protection & Compliance (Purview-Led)
    • Implement and manage Purview (DLP, sensitivity labels, insider risk, records)
    • Assist with compliance uplift against ISO 27001, SOC2, GDPR, NIS2
    • Maintain audit trails, evidence, runbooks, and security documentation
  • Vulnerability & Configuration Hardening
    • Hands-on remediation - patching, configuration fixes, policy deployments
    • Work with product teams to close findings rather than just escalate
    • Improve posture for identity, endpoints, networking, and cloud workloads
    • Implement conditional access, PIM, key vault, and encryption standards
  • Detection, Monitoring & Response
    • Tune Sentinel analytics, automation rules, alert noise reduction
    • Support incident investigation, triage, threat hunting as needed
    • Generate security metrics, reporting, and measurable improvement trends
  • Collaboration & Delivery
    • Work with DevOps, Infra, Desktop, and Cloud teams on real-world fixes
    • Translate risk into understandable action for stakeholders
    • Create repeatable processes to shorten future remediation cycles
Experience & Skills Needed

Must-Have

  • Strong hands-on experience with Defender for Cloud, Defender for Endpoint, EASM
  • Working knowledge of Purview, DLP, sensitivity labels, insider risk
  • Demonstrable history of closing vulnerabilities and improving posture
  • Azure identity & access security (Entra ID, Conditional Access, PIM)
  • PowerShell/MS Graph for automation or scripted remediation

Nice to Have

  • Sentinel exposure (analytic rules, workbooks, automation)
  • Understanding of Zero Trust principles and Microsoft Compliance Manager
  • Experience working in regulated or audited environments
Certifications Required
  • AZ-500 - Azure Security Engineer Associate
  • SC-100 (or commitment to completion within 12 months)
  • Plus one of MS-500 or SC-400 or SC-900
Desirable
  • CCSP
  • Additional Defender/M365 security modules
What This Role Offers
  • Real ownership in improving cyber posture
  • Hands-on security engineering where the work is measurable
  • Hybrid UK working
  • Modern cloud-security-driven environment

3 month initial contract outside IR35