Cyber Security Architect
Vargo Group
- Wales, England, United Kingdom
- Wales, England, United Kingdom
À propos
Permanent
Hybrid
Up to £85,000 + Bens
An exciting opportunity has arisen with our well-established, high profile client based in Central Cardiff. This key leadership and technical role is responsible for the
strategic and hands‑on management
of the organization's
Microsoft 365 and Azure security environments .
The successful candidate will combine
deep technical expertise
with leadership skills to ensure the robust protection of corporate data, systems, and identities, driving a
Zero Trust
security model and
secure‑by‑design cloud architecture .
Key Responsibilities & Focus Areas
Cyber Security Leadership:
Define the security strategy and roadmap, lead the cyber security function, and take charge of incident management and response to all security events and breaches. Also responsible for vendor security assessments.
Identity & Access Management (IAM):
Expertly manage Microsoft
Entra ID
(Azure AD), implementing
Conditional Access
and
Zero Trust
principles, and managing
PIM/JIT
access,
MFA , and passwordless authentication.
Microsoft 365 Security:
Configure and monitor the entire
Microsoft 365 Defender Suite , implement
DLP/AIP , manage
Microsoft Purview
for governance and compliance, and secure SharePoint, OneDrive, and Teams.
Azure Security Engineering:
Design and implement security controls including
RBAC ,
Managed Identities , Network Security Groups,
Azure Firewall ,
Key Vaults , and compliance frameworks using
Azure Policy/Blueprints .
Threat Detection & Incident Response:
Utilize
Microsoft Sentinel
(SIEM) for log analysis, alert triage, and threat hunting. Coordinate incident response playbooks and be familiar with forensics and threat intelligence.
Infrastructure & Application Security:
Oversee secure configuration for Azure resources (VMs, App Services, Containers), integrate
DevSecOps
security using tools like
Defender for DevOps/GitHub Advanced Security , and manage secure configuration via
Infrastructure as Code (Bicep/Terraform)
and
Intune
for mobile device security.
Risk & Control Management:
Maintain the cyber security risk register and associated controls, ensuring the
ISMS
(Information Security Management System) remains current.
Team Management & Mentoring:
Develop the security team's skills, promote a
secure‑by‑design culture , and oversee the cyber security awareness program.
the successful candidate must possess deep, hands‑on expertise in the following Microsoft cloud security technologies:
What'll you need to know: Microsoft Core Platforms
Microsoft Entra ID (Azure AD):
Architecture, governance, Conditional Access Policies, Zero Trust principles.
Privileged Identity Management (PIM) and Just‑In‑Time (JIT) access.
Multi‑Factor Authentication (MFA)
and passwordless methods (FIDO2).
Microsoft 365 Defender Suite:
Configuration and monitoring (Endpoint, Identity, Office 365, Cloud Apps).
Microsoft Purview:
Data Loss Prevention (DLP), Information Protection (AIP), Sensitivity Labels, and Insider Risk Management.
Microsoft Sentinel (SIEM):
Log ingestion, analytics, alert triage, playbooks, and threat hunting.
Azure Infrastructure Security
Azure Role-Based Access Control (RBAC)
and
Managed Identities .
Azure Networking Security:
NSGs, Azure Firewall, Private Endpoints.
Secrets Management:
Azure Key Vaults and Disk Encryption.
Compliance:
Azure Policy, Blueprints, and resource compliance frameworks.
Engineering & Deployment
DevSecOps:
Integration with tools like Defender for DevOps/GitHub Advanced Security.
Infrastructure as Code:
Secure configuration using Bicep, Terraform, or ARM.
Endpoint/Mobile Security:
Endpoint hardening, patch management, and Mobile Device Management ( Intune ).
#LI-TM1
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.