Azure Security Architect CGEMJP

Role Title: Azure Security Architect

Duration: contract to run until 30/10/2026

Location: Knutsford 3 days per week onsite

Rate: up to 543.45 p/d Umbrella inside IR35

Role purpose / summary

The Azure Security Architect is responsible for designing, implementing, and governing security controls across cloud platforms, with a focus on Zero Trust, secure build standards, and network segmentation. This role ensures that security controls are embedded into all solution components and aligned with organisational and regulatory requirements.

Key Responsibilities:

• Develop and maintain Azure security architecture aligned to Zero Trust principles, ensuring least privilege, segmentation, and strong identity control.
• Define secure configuration standards for Azure resources, including network, compute, storage, identity, and monitoring components.
• Lead design and assurance of secure network segregation, including hub-and-spoke, firewalls, private endpoints, and micro-segmentation.
• Oversee policy implementation through Azure Policy, Defender for Cloud, RBAC, Conditional Access, and security baselines.
• Conduct threat modelling, risk assessments, and architectural reviews.
• Guide engineering teams on hardening patterns, remediation activities, and secure deployment practices.
• Ensure alignment with compliance standards (ISO, NIST, CIS benchmarks).

Technical Components:

• Expertise with Azure AD/Entra, Defender suite, Sentinel, NSGs/ASGs, WAF, Azure Firewall, Key Vault, and managed identities.
• Experience implementing ARM/Bicep/Terraform for secure build deployments.
• Strong knowledge of network security patterns within cloud-native and hybrid architectures.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!