Microsoft Security Architect - (Purview) Join a leading Microsoft Cloud Security Partner delivering cutting-edge solutions across Purview, Sentinel, Defender, and Entra ID. We're looking for a hands-on, client-facing Security Engineer to lead enterprise-scale deployments - from compliance to Zero Trust. Location: Hybrid - London (1-2 days/week onsite) Salary: Up to £80,000 DOE What You'll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/HLDs, support compliance (e.g. Cyber Essentials), and manage onboarding into Managed Security Services Ideally you'll bring some of the following; Real-world experience deploying Microsoft Purview in enterprise environments Strong working knowledge of Purview - MUST HAVE Confident in client engagement, workshop delivery, and technical consultancy Proven skills in producing design documentation and guiding implementation Certifications (SC-400, AZ-500, SC-300, MS-500 Experience with SentinelOne, CrowdStrike, PowerShell/Python scripting Knowledge of Cyber Essentials or similar frameworks We are an equal opportunity recruitment company. This means we welcome applications from all suitably qualified people regardless of race, sex, disability, religion, sexual orientation or age. We are particularly invested in Neurodiversity inclusion and offer reasonable adjustments in the interview process. Reasonable adjustments are changes that we can make in the interview process if your disability puts you at a disadvantage compared with others who are not disabled. If you would benefit from a reasonable adjustment in your interview process, please call or email one of our recruiters.
02/04/2026
Full time
Microsoft Security Architect - (Purview) Join a leading Microsoft Cloud Security Partner delivering cutting-edge solutions across Purview, Sentinel, Defender, and Entra ID. We're looking for a hands-on, client-facing Security Engineer to lead enterprise-scale deployments - from compliance to Zero Trust. Location: Hybrid - London (1-2 days/week onsite) Salary: Up to £80,000 DOE What You'll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/HLDs, support compliance (e.g. Cyber Essentials), and manage onboarding into Managed Security Services Ideally you'll bring some of the following; Real-world experience deploying Microsoft Purview in enterprise environments Strong working knowledge of Purview - MUST HAVE Confident in client engagement, workshop delivery, and technical consultancy Proven skills in producing design documentation and guiding implementation Certifications (SC-400, AZ-500, SC-300, MS-500 Experience with SentinelOne, CrowdStrike, PowerShell/Python scripting Knowledge of Cyber Essentials or similar frameworks We are an equal opportunity recruitment company. This means we welcome applications from all suitably qualified people regardless of race, sex, disability, religion, sexual orientation or age. We are particularly invested in Neurodiversity inclusion and offer reasonable adjustments in the interview process. Reasonable adjustments are changes that we can make in the interview process if your disability puts you at a disadvantage compared with others who are not disabled. If you would benefit from a reasonable adjustment in your interview process, please call or email one of our recruiters.
Senior Security EngineerLondon (2x a week)Permanent About the Role We are exclusively partnered with a leading UK retail organisation that is currently undergoing a significant digital transformation. We are seeking a technical and hands-on Senior Security Engineer to design, implement, and operate robust security controls across a complex hybrid environment.In this role, you will bridge the gap between strategy and execution, serving as a technical authority for cloud platforms, identity systems, and endpoint security. You will collaborate closely with Network, Infrastructure, and Application teams to ensure that "secure-by-design" solutions are woven into the fabric of the entire ecosystem. Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows Servers, and Azure IaaS workloads. Data Protection: Manage the certificate lifecycle (PKI/AD CS) and implement data classification and DLP strategies using Microsoft Purview. Cloud Security Posture: Manage Azure Landing Zone security and connectivity, collaborating with Network Engineering to validate secure firewall and VPN configurations. Compliance & Risk: Support audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus, ensuring all remediation progress is tracked and documented. Essential Skills & Experience: Experience: 5-10 years in cloud or infrastructure security roles. Azure Expertise: Deep experience with Defender for Cloud, Sentinel, and Azure security configurations. Identity Mastery: Strong knowledge of Microsoft Entra ID, AD DS, RBAC, and hybrid identity security. Technical Proficiency: Hands-on experience with EDR (MDE), CSPM tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security (Terraform, Bicep) and DevSecOps practices. Scripting for automation using PowerShell or Python. Qualifications & Soft Skills Education: Bachelor's degree in Computer Science, Information Security, or equivalent experience. Certifications: Preferred certifications include AZ-500, SC-300, SC-100, or CISSP/CCSP. Attributes: An analytical mindset with the ability to remain composed under pressure during security incidents. Collaboration: Excellent communication skills to engage with diverse stakeholders across the technology organization. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
01/04/2026
Full time
Senior Security EngineerLondon (2x a week)Permanent About the Role We are exclusively partnered with a leading UK retail organisation that is currently undergoing a significant digital transformation. We are seeking a technical and hands-on Senior Security Engineer to design, implement, and operate robust security controls across a complex hybrid environment.In this role, you will bridge the gap between strategy and execution, serving as a technical authority for cloud platforms, identity systems, and endpoint security. You will collaborate closely with Network, Infrastructure, and Application teams to ensure that "secure-by-design" solutions are woven into the fabric of the entire ecosystem. Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows Servers, and Azure IaaS workloads. Data Protection: Manage the certificate lifecycle (PKI/AD CS) and implement data classification and DLP strategies using Microsoft Purview. Cloud Security Posture: Manage Azure Landing Zone security and connectivity, collaborating with Network Engineering to validate secure firewall and VPN configurations. Compliance & Risk: Support audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus, ensuring all remediation progress is tracked and documented. Essential Skills & Experience: Experience: 5-10 years in cloud or infrastructure security roles. Azure Expertise: Deep experience with Defender for Cloud, Sentinel, and Azure security configurations. Identity Mastery: Strong knowledge of Microsoft Entra ID, AD DS, RBAC, and hybrid identity security. Technical Proficiency: Hands-on experience with EDR (MDE), CSPM tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security (Terraform, Bicep) and DevSecOps practices. Scripting for automation using PowerShell or Python. Qualifications & Soft Skills Education: Bachelor's degree in Computer Science, Information Security, or equivalent experience. Certifications: Preferred certifications include AZ-500, SC-300, SC-100, or CISSP/CCSP. Attributes: An analytical mindset with the ability to remain composed under pressure during security incidents. Collaboration: Excellent communication skills to engage with diverse stakeholders across the technology organization. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
IAM Engineer Permanent London 2x a week About the Role We are exclusively partnered with a leading retail organisation who are seeking a highly skilled and security-focused Senior IAM Engineer to spearhead the evolution of our identity platforms and core infrastructure. As we transition toward a cloud-native, Entra ID-centric ecosystem, you will take full ownership of modernising our directory services and enterprise baseline.This is a pivotal role for a technical leader who excels in managing hybrid environments while strategically driving the retirement of legacy Active Directory (AD DS) in favor of Microsoft Entra ID and Intune . You will act as the technical authority for identity, ensuring all infrastructure controls are robust, compliant, and strictly aligned with Zero Trust principles.Key Responsibilities Identity & Access Management (IAM): Design and manage hybrid identity configurations, including domain joins, OU/GPO design, and trust relationships. Security Implementation: Maintain SSO, Conditional Access, MFA, and passwordless authentication strategies. Privileged Access: Define and oversee RBAC, PIM, and Just-in-Time (JIT) access for administrative and service accounts. Cloud Migration: Lead the shift from domain-joined/hybrid environments to Entra ID joined, utilizing Windows Autopilot and Intune for lifecycle management. Infrastructure Modernization: Replace legacy GPO-based configurations with Intune configuration profiles and security baselines. Legacy Decommissioning: Plan the phase-out of traditional services such as ADCS, on-prem LDAP applications, and outdated protocols like Kerberos and NTLM. Automation: Streamline operations by automating identity tasks using PowerShell, Microsoft Graph API, and Azure CLI. Governance & Compliance: Ensure all platforms meet hardening standards and assist with audit readiness for frameworks such as ISO 27001, GDPR, or PCI DSS. What We're Looking For Essential Experience: Expertise in Microsoft Identity: Proven track record with Azure Entra ID, Active Directory, and managing hybrid-to-cloud transitions. Device Management: Strong proficiency in Microsoft Intune/Endpoint Manager and modern Windows device transformation. Security Tooling: Hands-on experience deploying PIM, SSPR, and Conditional Access in a production environment. Protocols: Deep understanding of authentication protocols (SAML, OIDC, OAuth2, LDAP) and their cloud-based alternatives. Governance: Experience with Entra ID Governance features, including Access Reviews and Lifecycle Workflows. Automation Skills: Proficient in scripting with PowerShell or Logic Apps to ensure scalable operations. Desirable Experience: Familiarity with Microsoft Purview, Defender for Identity, or Microsoft Sentinel. Background in retiring legacy infrastructure like RADIUS or on-prem file shares. Knowledge of Zero Trust architecture and CIS/NIST compliance baselines. Qualifications & Attributes Experience: 5-10 years within IAM, Windows Infrastructure, or Hybrid Cloud Operations. Education: Bachelor's degree in Computer Science, Cyber Security, or equivalent professional experience. Certifications (Preferred): Microsoft SC-300, SC-100, MD-102, or AZ-104. Soft Skills: An analytical mindset with the ability to lead transformational projects and collaborate effectively across Security and DevOps teams. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
01/04/2026
Full time
IAM Engineer Permanent London 2x a week About the Role We are exclusively partnered with a leading retail organisation who are seeking a highly skilled and security-focused Senior IAM Engineer to spearhead the evolution of our identity platforms and core infrastructure. As we transition toward a cloud-native, Entra ID-centric ecosystem, you will take full ownership of modernising our directory services and enterprise baseline.This is a pivotal role for a technical leader who excels in managing hybrid environments while strategically driving the retirement of legacy Active Directory (AD DS) in favor of Microsoft Entra ID and Intune . You will act as the technical authority for identity, ensuring all infrastructure controls are robust, compliant, and strictly aligned with Zero Trust principles.Key Responsibilities Identity & Access Management (IAM): Design and manage hybrid identity configurations, including domain joins, OU/GPO design, and trust relationships. Security Implementation: Maintain SSO, Conditional Access, MFA, and passwordless authentication strategies. Privileged Access: Define and oversee RBAC, PIM, and Just-in-Time (JIT) access for administrative and service accounts. Cloud Migration: Lead the shift from domain-joined/hybrid environments to Entra ID joined, utilizing Windows Autopilot and Intune for lifecycle management. Infrastructure Modernization: Replace legacy GPO-based configurations with Intune configuration profiles and security baselines. Legacy Decommissioning: Plan the phase-out of traditional services such as ADCS, on-prem LDAP applications, and outdated protocols like Kerberos and NTLM. Automation: Streamline operations by automating identity tasks using PowerShell, Microsoft Graph API, and Azure CLI. Governance & Compliance: Ensure all platforms meet hardening standards and assist with audit readiness for frameworks such as ISO 27001, GDPR, or PCI DSS. What We're Looking For Essential Experience: Expertise in Microsoft Identity: Proven track record with Azure Entra ID, Active Directory, and managing hybrid-to-cloud transitions. Device Management: Strong proficiency in Microsoft Intune/Endpoint Manager and modern Windows device transformation. Security Tooling: Hands-on experience deploying PIM, SSPR, and Conditional Access in a production environment. Protocols: Deep understanding of authentication protocols (SAML, OIDC, OAuth2, LDAP) and their cloud-based alternatives. Governance: Experience with Entra ID Governance features, including Access Reviews and Lifecycle Workflows. Automation Skills: Proficient in scripting with PowerShell or Logic Apps to ensure scalable operations. Desirable Experience: Familiarity with Microsoft Purview, Defender for Identity, or Microsoft Sentinel. Background in retiring legacy infrastructure like RADIUS or on-prem file shares. Knowledge of Zero Trust architecture and CIS/NIST compliance baselines. Qualifications & Attributes Experience: 5-10 years within IAM, Windows Infrastructure, or Hybrid Cloud Operations. Education: Bachelor's degree in Computer Science, Cyber Security, or equivalent professional experience. Certifications (Preferred): Microsoft SC-300, SC-100, MD-102, or AZ-104. Soft Skills: An analytical mindset with the ability to lead transformational projects and collaborate effectively across Security and DevOps teams. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
Microsoft Security Architect (Purview) Join a leading Microsoft Cloud Security Partner delivering cutting-edge solutions across Purview, Sentinel, Defender, and Entra ID. We re looking for a hands-on, client-facing Security Engineer to lead enterprise-scale deployments from compliance to Zero Trust. Location: Hybrid London (1 2 days/week onsite) Salary: Up to £80,000 DOE What You ll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/HLDs, support compliance (e.g. Cyber Essentials), and manage onboarding into Managed Security Services Ideally you'll bring some of the following; Real-world experience deploying Microsoft Purview in enterprise environments Strong working knowledge of Purview - MUST HAVE Confident in client engagement, workshop delivery, and technical consultancy Proven skills in producing design documentation and guiding implementation Certifications (SC-400, AZ-500, SC-300, MS-500 Experience with SentinelOne, CrowdStrike, PowerShell/Python scripting Knowledge of Cyber Essentials or similar frameworks We are an equal opportunity recruitment company. This means we welcome applications from all suitably qualified people regardless of race, sex, disability, religion, sexual orientation or age. We are particularly invested in Neurodiversity inclusion and offer reasonable adjustments in the interview process. Reasonable adjustments are changes that we can make in the interview process if your disability puts you at a disadvantage compared with others who are not disabled. If you would benefit from a reasonable adjustment in your interview process, please call or email one of our recruiters.
31/03/2026
Full time
Microsoft Security Architect (Purview) Join a leading Microsoft Cloud Security Partner delivering cutting-edge solutions across Purview, Sentinel, Defender, and Entra ID. We re looking for a hands-on, client-facing Security Engineer to lead enterprise-scale deployments from compliance to Zero Trust. Location: Hybrid London (1 2 days/week onsite) Salary: Up to £80,000 DOE What You ll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/HLDs, support compliance (e.g. Cyber Essentials), and manage onboarding into Managed Security Services Ideally you'll bring some of the following; Real-world experience deploying Microsoft Purview in enterprise environments Strong working knowledge of Purview - MUST HAVE Confident in client engagement, workshop delivery, and technical consultancy Proven skills in producing design documentation and guiding implementation Certifications (SC-400, AZ-500, SC-300, MS-500 Experience with SentinelOne, CrowdStrike, PowerShell/Python scripting Knowledge of Cyber Essentials or similar frameworks We are an equal opportunity recruitment company. This means we welcome applications from all suitably qualified people regardless of race, sex, disability, religion, sexual orientation or age. We are particularly invested in Neurodiversity inclusion and offer reasonable adjustments in the interview process. Reasonable adjustments are changes that we can make in the interview process if your disability puts you at a disadvantage compared with others who are not disabled. If you would benefit from a reasonable adjustment in your interview process, please call or email one of our recruiters.
