Cloud Platform Security Consultant in England

Simpson Associates transforms raw data into actionable insights that drive positive change. Our Microsoft data expertise, specialist sector knowledge, and innovative advice are some of the reasons clients choose to work with us. Our mission is to help purpose-led organisations from the public and private sectors harness data as a lever for change and enable them to realise business value more quickly.

We provide a full range of services to support organisations on their data transformation journey, from advisory support and data strategy to developing Data & AI solutions and providing managed services. We are a Microsoft Solutions Partner, holding specialisations in AI Platform on Microsoft Azure, Analytics on Microsoft Azure, Data Warehouse Migration to Microsoft Azure, and Migrate Enterprise Applications to Microsoft Azure, as well as holding Solutions Partner designations in Data & AI (Azure), Digital & App Innovation (Azure), Infrastructure (Azure), and Security.

We are proud to be recognised as the winner of the Microsoft Community Response Partner of the Year award, reflecting our dedication to using technology for positive change. We are also a Databricks partner and an IBM Gold Partner, specialising in Cognos Analytics and Planning Analytics.

With offices in York and Sheffield, and a team based throughout the UK, we champion creativity, innovation, and collaboration in the workplace.

The Role: A Cloud Platform Security Consultant to partner with our clients in designing, implementing, and maintaining security controls across their Azure cloud platforms.

Key Responsibilities

• Security Monitoring & Threat Detection
  • Design and maintain security monitoring solutions using Microsoft Sentinel and other SIEM tools
  • Develop and optimise KQL queries for threat hunting, detection rules, and analytics
  • Investigate security incidents and coordinate response activities
  • Map threats and detections to the MITRE ATT&CK framework
  • Perform continuous threat intelligence analysis and proactive threat hunting
• Cloud Security Architecture
  • Implement and maintain security controls across Azure landing zones and workloads
  • Secure AI and machine learning workloads, including Azure OpenAI, Azure ML, and Cognitive Services
  • Design and enforce network security policies using Azure Firewall, NSGs, and Private Link
  • Implement identity and access management controls using Entra ID and conditional access
  • Ensure compliance with relevant cyber security legislation (GDPR, NIS Directive, UK Cyber Essentials, etc.)
  • Develop security automation workflows using Azure Logic Apps, Functions, and Sentinel playbooks
  • Implement security controls as code (policy as code, infrastructure as code)
  • Build automated security testing and validation pipelines
  • Create custom connectors and integrations for security tooling
• Governance & Compliance
  • Maintain security policies and standards aligned to industry frameworks
  • Conduct security assessments and gap analyses
  • Support audit and compliance activities for public sector clients
  • Produce security documentation, reports, and technical guidance

Skills and Attributes Required

• Strong hands-on experience with Microsoft Sentinel including workbook creation, analytics rules, and automation
• Advanced Search Query Language proficiency, ideally KQL, for log analysis and threat hunting
• Deep knowledge of Azure security services (Defender for Cloud, Key Vault, Managed Identity, etc.)
• Experience with SIEM tools and security information management
• Understanding of the MITRE ATT&CK framework and its practical application
• Strong analytical skills with the ability to investigate complex security incidents
• Proven ability to develop automation solutions for security operations
• Knowledge of cyber security legislation and regulatory requirements (UK public sector experience advantageous)
• Experience with Azure DevOps, Infrastructure as Code (Terraform/Bicep)
• Experience securing AI workloads and understanding AI-specific threat vectors
• Experience in stakeholder management
• Experience in Project Management – Prince 2 or Agile Methodologies

Advantageous Qualifications and Skills

• Degree in Computer Science, Cyber Security, or related field (or equivalent experience)
• Industry certifications such as CISSP, CEH, GIAC, or Microsoft security certifications
• Microsoft security certifications (SC-200, SC-300, AZ-500)
• Knowledge of data platform security (Databricks, Synapse, Fabric)
• Experience with Microsoft Purview for data security, including Sensitive Information Types, DLP policies, and DSPM
• Familiarity with penetration testing and vulnerability management tools
• Experience working with NHS, police, or local government clients
• Understanding of FinOps and cloud cost optimisation

Simpson Associates reserves the right to close the recruitment process at any time.