Cloud Security Engineer (Microsoft 365)

Cloud Security Engineer (Microsoft 365)

Job Description

[Up to c. £250k Comp Package | Hybrid Working]

Are you a security-focused Microsoft 365 specialist looking to make an impact in a high-performance, cloud-first environment? Our client, a global investment firm, is seeking an expert to strengthen the security of their M365 ecosystem, implementing best practices across identity, endpoint protection, data governance, and compliance. As they transition to a fully cloud-native workplace, this role offers a unique opportunity to take ownership of security across critical platforms and drive meaningful change.

Key Responsibilities

• Lead the implementation and optimisation of Microsoft 365 E5 security features, ensuring protection across devices, identities, data, and applications
• Strengthen identity security by refining Conditional Access policies, MFA enforcement, and Entra ID (Azure AD) configurations
• Secure collaboration and communication tools, including Exchange Online, SharePoint, OneDrive, and Teams, by implementing data protection and compliance controls
• Enhance endpoint security by integrating InTune, Defender for Endpoint, and modern device management strategies
• Design and implement security controls for Microsoft Copilot and AI-driven tools to mitigate emerging risks
• Automate security processes using PowerShell and Microsoft Graph API, improving efficiency and scalability
• Monitor and enhance Microsoft Secure Score, proactively identifying and addressing security gaps
• Perform security assessments, threat modelling, and risk analysis, providing recommendations to improve resilience
• Evaluate and maintain security for third-party integrations, including Okta, Proofpoint, Varonis, ShareGate, and KnowBe4
• Collaborate with infrastructure, security, and compliance teams to align M365 security with wider organisational goals

What You Bring...

• 5+ years of IT experience, with at least 4+ years focused on Microsoft 365 security
• Expertise in securing the full M365 suite, including Exchange, SharePoint, Teams, OneDrive, Power Platform, and Office Apps
• Strong working knowledge of Entra ID (Azure AD), Conditional Access, and authentication protocols for secure access management
• Experience with endpoint security solutions, such as InTune, Defender for Endpoint, and Enterprise Mobility Suite
• Hands-on experience implementing data classification, DLP, and compliance policies using Microsoft Purview
• Familiarity with Zero Trust principles and modern access control strategies
• Understanding of hybrid identity models, including Active Directory and cloud-native authentication solutions
• Experience integrating third-party security tools within the M365 environment
• Proficiency in automation and scripting using PowerShell and Microsoft Graph API

...

Apply for this role

All fields marked with * are required.