Senior DevSecOps Engineer / Consultant - Outside IR35
New Yesterday
OverviewSenior DevSecOps Engineer / Consultant - Outside IR35. The role leads governance, architecture guidance, and assurance for cloud and infrastructure security across Microsoft Azure, AWS, and key SaaS platforms. Responsible for defining technical blueprints, setting security standards, and ensuring regulatory compliance with Cyber Essentials Plus, ISO 27001, and Zero Trust principles.ResponsibilitiesDefine and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy/Initiatives, AWS Control Tower/SCPs)Own security architecture patterns and contribute to HLD/LLD, threat models, and risk assessmentsSet assurance criteria and control evidence requirements for internal teams and third-party vendorsEstablish policy-as-code requirements and maintain an exceptions register with expiry and risk ownershipDefine identity and access control standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation)Govern SaaS security onboarding (SSO, OAuth governance, DLP controls, vendor assessments)Specify telemetry and logging requirements for Microsoft Sentinel/SOC and review analytics/reportingLead compliance mapping for ISO 27001 and curate audit-ready evidence packsChair Cloud & Platform Security design reviews and participate in CAB for risk appraisalEducate and influence teams through guidance, clinics, and coaching sessionsFamiliarity with IaaS, PaaS, SaaS risk models and audit frameworksExcellent written communication and facilitation skills to drive adoption and influence stakeholdersQualificationsCertifications: AZ‑500, SC‑100, SC‑200, AZ‑700, AWS Security Specialty, CISSP (or equivalents)Experience with blueprint catalogues and architecture governance processesWorking knowledge of containers/Kubernetes (AKS/EKS) policy modelsRole DetailsAzure: Policy/Initiatives, Defender for Cloud, Entra ID, PIMAWS: Control Tower, SCPs, Security Hub, GuardDuty, IAMSecurity & Monitoring: Microsoft Sentinel (KQL), Defender XDR, audit dashboardsDocumentation & Governance: Blueprint repositories, risk registers, ITSM/CAB records
#J-18808-Ljbffr
- Location:
- City Of London, England, United Kingdom
- Job Type:
- FullTime