Senior Architect - Information Security

Here at Action For Humanity (AFH), we are looking for a Senior Architect/Architect – Information Security to join us at our International Office in Manchester. You will join us on a full-time basis and in return you will receive a competitive annual salary. AFH is an INGO that provides aid and assistance to people affected by natural and man-made disasters. Our vision is a world of crises-resilient communities. Our mission is to mobilise and respond to emergencies and critical needs through humanitarian, development and peace-building action, helping affected communities survive, recover and build a better future.

The Senior Architect/Architect – Information Security will lead the design and implementation of security frameworks within a Microsoft-centric environment. The ideal candidate will have extensive hands-on experience in Microsoft 365, Entra ID (Azure AD), Microsoft Intune, Defender Suite, and Zero Trust Security Architecture. This role will focus on identity security, endpoint management, compliance, and cloud security, ensuring a secure and scalable IT infrastructure aligned with industry best practices. Experience with Layer 7 firewalls, VPNs, SD-WAN, and Virtual Desktop Infrastructure (VDI) is a plus.

Your key responsibilities will include:

• Microsoft Security & Identity Management
  • Design and implement Zero Trust Security Architecture within Microsoft 365 and Azure environments.
  • Manage Entra ID (Azure AD), Conditional Access, Multi-Factor Authentication (MFA), and Privileged Access Management (PAM).
  • Optimize Microsoft Intune for endpoint security, compliance, and mobile device management (MDM).
• Cloud & SaaS Security
  • Secure Microsoft 365, SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption.
  • Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection.
  • Strengthen cloud security posture by managing security configurations across Microsoft Azure environments.
• Security Automation & Incident Response
  • Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR.
  • Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response.
  • Establish incident response playbooks and conduct forensic investigations when needed.
• Compliance & Risk Management
  • Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks.
  • Conduct risk assessments, vulnerability scans, and security audits.
  • Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools.
• Network Security & Infrastructure Protection (Plus Skills)
  • Experience with Layer 7 firewalls (Cisco, Fortinet, Palo Alto, Sophos), VPNs, and SD-WAN is a plus.
  • Familiarity with Virtual Desktop Infrastructure (VDI) solutions for secure remote access is beneficial.
• Security Governance & Awareness
  • Lead cybersecurity awareness initiatives and enforce best practices.
  • Assess third-party vendor security risks and ensure compliance with security policies.
  • Support secure DevOps (DevSecOps) methodologies in IT and software development environments.

What we are looking for in our Senior Architect/Architect – Information Security:

• Education
  • Microsoft Certifications: Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900), Microsoft Certified: Azure Security Engineer Associate.
  • Other security/network certifications (CISSP, CCSP, Fortinet NSE, Palo Alto PCNSA/PCNSE) are a plus.
  • Experience with PowerShell scripting for security automation is beneficial.
• Experience
  • Experience working in a charity or non-profit organisation.
  • Knowledge of international humanitarian work or similar sectors.
  • 5+ years (7+ for Senior Architect) in Information Security, Cloud Security, or IT Infrastructure Security.
• Skills
  • Deep expertise in Microsoft 365 Security, Entra ID (Azure AD), Microsoft Intune, and Microsoft Defender Suite.
  • Strong knowledge of IAM, MFA, PAM, SIEM (Microsoft Sentinel), and security automation.
  • Experience securing Microsoft Azure environments (Azure Security Center, Azure Policy, Conditional Access).
  • Familiarity with hybrid and multi-cloud security best practices.
• Languages
  • Strong written and spoken English essential.
  • Other languages such as Arabic, Urdu or Bengali beneficial but not essential.

Benefits of joining us include:

• A competitive salary;
• All work-related travel and other expenses paid;
• Remote working and flexible working hours;
• 25 days’ holiday allowance + bank holidays + your birthday off;
• Matched pension contributions;
• Enhanced sick pay;
• Structured annual performance development review process, which informs annual salary reviews and involves training and development provision;
• EAP with 24/7 access to emotional support including counselling, and legal and financial advice;
• Hundreds of discounts and special offers, for shopping, dining out, joining a gym, and more;
• Opportunities to go on international deployment/field visits, where appropriate;
• Annual away days/retreats involving training, teambuilding, outdoor and social activities;
• Subsidised social activities.

This would be an ideal role for a Security expert who is passionate about AFH’s causes. We are looking to appoint this role ASAP and will be reviewing applications on a rolling basis, so for the best chance of success please apply today – we would love to hear from you.

All offers of employment will be subject to satisfactory references and appropriate screening checks, which can include criminal records and terrorism finance checks. Action For Humanity also participates in the Inter-Agency Misconduct Disclosure Scheme. In line with this Scheme, we will request information from job applicants’ previous employers about any findings of sexual exploitation, sexual abuse and/or sexual harassment during employment, or incidents under investigation when the applicant left employment. By submitting an application, the job applicant confirms their understanding of these recruitment procedures.