Data Security Engineer in Welwyn Garden City

As a Data Security Engineer, you’ll play a critical role in protecting PayPoint’s business-critical data. With Microsoft Purview at the heart of our security strategy, you’ll design, implement and continuously improve enterprise grade data protection controls across a hybrid cloud environment. You’ll lead the way in securing sensitive information throughout its entire lifecycle, from classification and protection through to retention and secure disposal. Acting as a subject matter expert, you’ll work closely with engineering, architecture, legal, HR and compliance teams to ensure our data security controls are effective, scalable and aligned with regulatory expectations. This is a highly visible role where your expertise will directly influence how data is protected across the organisation. Hybrid role with onsite collaboration 2/3 days a week at either our Welwyn Garden City or Liverpool offices. From time to time, you may also travel between sites.

What we would like from you:

• Expert knowledge and hands on experience with Microsoft Purview, including Information Protection, DLP, Insider Risk, eDiscovery, Records Management and Data Map
• Strong understanding of Microsoft 365 security architecture and Entra ID (Azure AD)
• Experience engineering data protection controls across Microsoft 365, Azure and on premises environments
• Hands on exposure to Microsoft Defender, Sentinel (KQL), Conditional Access and Defender for Cloud Apps
• Solid understanding of data protection principles such as classification, governance, encryption and secure data flows
• Ability to translate regulatory and business requirements into effective technical controls
• Excellent communication skills, able to engage both technical and non-technical stakeholders
• Experience working in regulated environments such as finance, payments or government

It would be great if you have the following:

• Microsoft security certifications such as SC 400, SC 900, SC 200 or AZ 500
• Experience migrating legacy Azure Information Protection to unified Purview labelling
• Knowledge of data discovery tools, CASB/SASE platforms or CNAPP solutions
• Background in security operations, data governance or cloud security engineering
• Experience automating security processes using PowerShell, KQL, Graph API or Purview APIs

Our benefits if you decide to join us:

• Holiday purchase scheme, with 25 days holiday plus bank holidays as standard.
• On-site gym at our office (Free), and nationwide corporate rate gym membership
• Online benefits portal where you can access lots of deals, discounts - for example of shopping or holidays
• Contributory company pension scheme
• Progression and Development
• Life assurance of 3 x annual gross salary, with the option to purchase additional cover
• You’re also able to purchase a range of benefits at a discounted rate including, critical illness cover, bicycles via our Cycle2Work scheme, dental insurance and TasteCard dining discount card

As a disability‑confident committed company, we have a passion for championing equality. We welcome all colleagues into a work environment where success is attainable for everyone, regardless of disability, age, race, religion, gender identity, or sexual orientation. We are committed to ensuring that everyone has equal access to growth and opportunities in our workplace.