Senior Cloud Security Consultant

Location: Remote / Redheughs Rigg, Edinburgh EH12 9DQ, UK

Job type: Permanent / Full-time

Sector and subsector: IT | Cybersecurity

Salary: Competitive salary

Company Description: At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape.

Role Purpose: To deliver and lead customer-facing Professional Services engagements that help clients assess, design, implement and onboard Microsoft cloud security capabilities. This role leads defined workstreams and smaller projects, supports XDR managed-service onboarding, produces high-quality delivery documentation and ensures customer environments are ready for transition into operational service across Azure, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and Microsoft 365 security services.

What I Do Is:

• Lead assigned customer-facing cloud security workstreams and smaller projects, including discovery, assessments, workshops, implementation tasks, documentation and customer updates.
• Assess Microsoft cloud environments, including Azure, Microsoft 365, Defender XDR, Sentinel and Entra, for security risks, compliance gaps and onboarding readiness.
• Support and, where appropriate, lead XDR managed-service onboarding activities by validating technical readiness, required integrations, data source coverage, alerting and handover requirements.
• Design and implement cloud security controls and configuration improvements, escalating complex design decisions to the Lead Cloud Security Consultant when required.
• Produce delivery artefacts including discovery outputs, recommendations, implementation plans, HLD/LLD contributions, configuration records and transition-to-service documentation.
• Advise clients on cloud security good practice, governance, policies, operational improvements and Microsoft security capability adoption.
• Coordinate project tasks, customer actions and technical dependencies for assigned workstreams to keep delivery moving and risks visible.
• Support integration of security controls into cloud operations, DevOps practices, SOC processes and customer operating models.
• Work with SOC, engineering, managed services, project managers and customer stakeholders to ensure smooth handover into BAU operations.
• Support presales and discovery activities by providing technical input when required.
• Stay current with Microsoft cloud security capabilities, emerging threats and regulatory requirements.

The Skills I Need Are:

• Strong understanding of Microsoft cloud security, including Azure, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and Microsoft 365 security services.
• Strong knowledge of the Defender suite, Sentinel, Entra ID, identity security, endpoint and cloud workload protection, and security operations concepts.
• Knowledge of cloud security frameworks and guidance, including CIS, NIST, ISO 27001, Azure Cloud Adoption Framework and Microsoft Cybersecurity Reference Architecture.
• Experience with IAM, RBAC, Conditional Access, encryption, networking, logging, monitoring and secure configuration in Microsoft cloud environments.
• Hands-on experience implementing or supporting security tools such as Sentinel, Defender for Cloud, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps and Entra.
• Ability to create clear technical documentation and contribute to HLDs, LLDs, implementation plans and service transition artefacts.
• Strong communication, workshop and presentation skills for technical and non-technical audiences.
• Ability to coordinate assigned delivery activities across customers, SOC, engineering, managed services and project teams.
• Analytical mindset with attention to detail, problem-solving skills and a focus on delivery quality.
• Understanding of Professional Services delivery, including scope, time, quality, customer satisfaction, utilisation and when to escalate delivery risks.

I Know I Have Done A Great Job If:

• Assigned customer engagements, workstreams and smaller projects are delivered to scope, on time and with clear customer sign-off.
• Customers are successfully onboarded into managed service with agreed integrations, controls and handover requirements completed.
• Cloud security risks and onboarding gaps are clearly identified, prioritised and remediated or transitioned into an agreed improvement plan.
• HLD/LLD contributions, implementation documentation and handover artefacts are accurate, consistent and reusable.
• Security controls are integrated into cloud operations, SOC processes and customer operating models.
• Customers view me as a trusted advisor and value the Professional Services engagement.
• Billable utilisation, delivery quality and customer satisfaction expectations are achieved.
• Stakeholders in SOC, engineering and managed services have the information needed to operate the service effectively.

Other Information: You will get an excellent salary, with world class benefits. As a leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.

Our Commitment to Equality & Diversity: Our diversity is a huge part of our success, and collecting data during the hiring process helps us understand how to keep strengthening and supporting that diversity. We are an equal opportunity employer. We are committed to fostering an inclusive, accessible, and equitable workplace where all qualified applicants receive fair consideration. We do not discriminate on the basis of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, disability, or any other characteristic protected under applicable federal, provincial, or territorial human rights legislation.