Lead Cloud Security Consultant in Edinburgh

Company Description

At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity.

In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities.

Role Purpose

To act as the senior technical SME and technical/team lead for customer-facing Professional Services engagements across Microsoft cloud security and XDR managed-service onboarding. The role leads complex technical delivery, provides design assurance, supports the development of the Cloud Security consulting team, and acts as the technical escalation point for Microsoft Defender XDR, Sentinel, Entra, Azure and Microsoft 365 security work. Resource allocation, utilisation forecasting and overall commercial governance remain led by the Head of Microsoft Security Professional Services, with this role providing technical input and early escalation of risks, blockers and capability gaps.

Responsibilities

• Lead complex customer-facing cloud security projects as the technical delivery lead, from discovery, workshops and architecture through implementation, documentation, customer sign-off and transition into managed service.
• Act as the technical authority for cloud security engagements, shaping the technical approach and guiding decisions across design, implementation, risks, dependencies and quality.
• Provide day-to-day technical leadership, coaching and mentoring to Cloud Security Consultants, supporting capability development, consistent delivery standards and confidence with customers.
• Act as the technical escalation point for the Cloud Security team, supporting complex design, implementation and customer-facing challenges.
• Support the Head of Microsoft Security Professional Services with technical input into delivery planning, project risks, capability gaps, team development and delivery quality.
• Lead onboarding readiness assessments and transition-to-service planning for XDR managed-service customers, ensuring integrations, data sources, controls, alerting, handover and acceptance criteria are complete.
• Own or lead technical delivery across Azure, Microsoft 365, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and wider Microsoft security capabilities.
• Design and assure advanced cloud security architectures, governance models and operating models aligned to customer requirements, Microsoft best practice and managed-service delivery.
• Own and quality-review HLDs, LLDs, implementation plans, service transition documents, recommendations and customer-facing deliverables.
• Provide high-value SME input into presales, technical discovery, SoW input, proposal review and shaping of cloud security service offerings.
• Work closely with project managers, SOC, managed services, engineering and customer stakeholders to ensure successful delivery, clean handover and ongoing service operability.
• Drive standardisation and reuse of delivery methods, documentation templates, design patterns and cloud security offerings, while staying current with emerging Microsoft security capabilities, cloud threats, technologies and compliance mandates.

Qualifications

• Deep expertise in Microsoft cloud security, including Azure, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and Microsoft 365 security services.
• Advanced knowledge of the Defender suite, Sentinel architecture, Entra ID, identity security, cloud workload protection, endpoint security, threat detection and security operations.
• Advanced knowledge of cloud security frameworks and guidance, including CIS, NIST, ISO 27001, Azure Cloud Adoption Framework and Microsoft Cybersecurity Reference Architecture.
• Strong experience designing and implementing IAM, RBAC, Conditional Access, encryption, network security, logging, monitoring, secure DevOps and governance controls.
• Expert-level technical project leadership, including leading workshops, shaping the technical approach, managing technical risks/issues, guiding design decisions and driving customer confidence.
• Strong ability to own and quality-assure HLDs, LLDs, SoW technical inputs, implementation plans, project artefacts and service transition documentation.
• Strong coaching and mentoring skills, with the ability to support team development, provide constructive technical feedback and build capability in others.
• Commercial awareness of Professional Services delivery, including scope, effort, utilisation, margin, risks and customer satisfaction, with the ability to escalate commercial or delivery risks early.
• Leadership, communication, stakeholder-management, analytical thinking and problem-solving skills across technical, operational and business audiences.
• Relevant Microsoft security certifications are desirable. CCSP, CISSP or similar cloud/security certifications are desirable.

Success Metrics

• Complex customer projects have clear technical leadership from discovery through implementation, sign-off and transition into managed service.
• Technical delivery is high quality, customer-facing outputs are clear, and engagements achieve agreed outcomes.
• Cloud Security Consultants are supported, coached and developed, with stronger technical confidence and consistent delivery standards across the team.
• XDR managed-service customers are transitioned successfully into BAU operations with clear acceptance criteria, documentation and stakeholder alignment.
• Technical risks, blockers, dependencies and capability gaps are surfaced early to the Head of Microsoft Security Professional Services and project stakeholders.
• HLDs, LLDs, SoWs and delivery artefacts are technically accurate, consistent, commercially realistic and reusable.
• Presales and scoping inputs are technically sound, realistic and aligned to the team's delivery capability.
• The Cloud Security team is recognised internally as a high-value SME function for Microsoft cloud security delivery.
• SOC, engineering and managed services teams receive a clean handover and are set up to operate effectively.

Other Information

You will get an excellent salary, with world-class benefits. As a leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.

Our Commitment to Equality & Diversity

Our diversity is a huge part of our success, and collecting data during the hiring process helps us understand how to keep strengthening and supporting that diversity. We are an equal opportunity employer. We are committed to fostering an inclusive, accessible, and equitable workplace where all qualified applicants receive fair consideration. We do not discriminate on the basis of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, disability, or any other characteristic protected under applicable federal, provincial, or territorial human rights legislation. The information requested below is collected to help us meet our employment equity and reporting obligations, and to support our ongoing diversity and inclusion initiatives. Providing this information is entirely voluntary. It will not be shared with hiring managers and will not be used in any hiring decision. Declining to provide this information will not affect your application in any way.