Cloud Security & Compliance Engineer

As a Cloud Security & Compliance Engineer, you will play a vital role in securing and maintaining RDT’s cloud-based infrastructure while ensuring compliance with industry standards. This position requires a strong Azure technical foundation, working alongside SREs to form part of the second line on-call team responsible for Infrastructure-related support.

Your primary focus will be security, compliance, and risk management, while also contributing to incident response, identity management, automation, and compliance tracking.Security & Compliance Operations

• Monitor and analyse security alerts across the estate and escalations from the managed Security Operations Centre (SOC)
• Conduct vulnerability scans and security assessments across Azure cloud infrastructure.
• Ensure ISO27001, NIST CSF, GDPR, and Cyber Essentials Plus compliance.
• Support compliance reporting and tracking, ensuring alignment with regulatory requirements.

Incident Response & Risk Management

• First-line security escalation for incidents, working with SREs and RDT’s managed SOC provider to remediate threats.
• Perform forensic analysis and post-incident reporting on security events.
• Maintain and update security risk registers, ensuring proper risk treatment planning.
• Lead or assist in root cause analysis (RCA) for security-related incidents.

Azure Cloud Security & Identity Management

• Administer Azure Active Directory (AAD), Privileged Identity Management (PIM), and role-based access control (RBAC).
• Support Azure Policy and Security Baselines to maintain compliance across cloud environments.
• Work with SREs, Platform Engineers and Architects to optimize Azure security posture.

Automation & Security Engineering

• Develop and maintain security automation workflows using Azure Automation, PowerShell, and Terraform.
• Collaborate with SREs to integrate security monitoring into CI/CD pipelines.
• Ensure security best practices are embedded in Azure infrastructure deployments.

On-Call & Infrastructure Support

• Participate in the second line on-call team, responsible for Infrastructure-related support across SRE & Security teams.
• Assist in out-of-hours security incident response, working alongside Cloud Infrastructure Engineers and SREs.
• Ensure continuous monitoring of security posture and assist in post-incident remediation.

• 3+ years in IT security operations, cloud security, or compliance engineering with an Azure focus.
• Strong hands-on experience with Azure security technologies (Defender, Security Center, PIM, Policy).
• Familiarity with compliance automation tooling principles (we use Vanta).
• Incident response experience, including SIEM triage, forensic analysis, and remediation coordination.
• Proficiency in PowerShell scripting for security automation.
• Strong knowledge of ISO27001, NIST CSF, GDPR, and Cyber Essentials Plus frameworks.
• Experience working within an ITIL V4 Incident Management framework.
• Ability to work in an on-call rotation, ensuring 24/7 coverage for security and infrastructure incidents.

Desirable Skills

• Azure certifications (AZ-500, AZ-104) or ISO27001 Lead Implementer certification.
• Experience with Terraform or Infrastructure-as-Code (IaC) for security automation.
• Exposure to SOC2 compliance processes and third-party security assessments.
• Hands-on experience in DevSecOps security integration.

• Hands-on experience with Threat Modelling Tools.

• Be part of a new Security & Compliance team, shaping security strategy in an Azure-centric managed service.
• Work alongside SREs and Cloud Infrastructure Engineers, developing a broad infrastructure coverage model.
• Engage in hands-on security automation, compliance tracking, and threat monitoring.
• Competitive salary and benefits, with certification support for career development.
• Collaborative Environment: Be part of a collaborative and inclusive work environment that values diversity and innovation.

RDT is a leading technology company specializing in innovative software solutions. We are committed to fostering a culture of continuous learning and growth, providing our employees with opportunities to excel and make a meaningful impact. Join us and be part of a team that is shaping the future of technology.

If you are passionate about cloud security and compliance and eager to for a forward thinking InsureTech specialist with big plans in this space, we would love to hear from you. Please email your CV and any relevant project work or portfolio to talent@rdt.co.uk.

We look forward to receiving your application and exploring the possibility of you joining our talented team at RDT.