This Job position is no longer available

We encourage you to browse other open positions on our website.

Thank you for your interest!

Head of Azure Platform Security

New Today

We have a current opportunity for a Head of Azure Platform Security on a permanent basis. The position will be based in London. For further information about this position please apply.

Requirements

- Hands-on Azure cloud security architecture and implementation - Defender for Cloud, Policy-as-Code, RBAC, PIM, private endpoints, and secure landing zone design; AWS security experience also considered

- Network security engineering: firewall policy design and lifecycle management, micro-segmentation, NSG/UDR/NVA architecture, hub-spoke topology, and perimeter defence for hybrid environments

- WAF design, deployment, and operational tuning - Cloudflare, Azure Application Gateway, or equivalent; custom rule authoring and false-positive management at production scale

- Network flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns

- SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard

- Endpoint and desktop security: EDR deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models

- API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration

- PKI, certificate lifecycle automation, identity federation, and SSO across hybrid cloud and on-premises environments

- Security automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them

- MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs

- Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management

Nice to Have

o Financial services, trading, or capital markets - operational security in a regulated, high-availability, zero-downtime-tolerance environment

o Zero-trust architecture: BeyondCorp, Zscaler, or equivalent; conditional access policy design and implementation

o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure

o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation

o Red team, adversarial simulation, or penetration testing programme design - experience on both sides of the exercise

To find out more about Huxley, please visit

TPBN1_UKTJ

Location:
City Of London
Salary:
£100,000
Job Type:
FullTime
Category:
Management;IT;Security

We found some similar jobs based on your search