×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Network Security Cloud Computing

Senior Security Engineer – Cloud Prem; Hybrid Security

Job in Greater London, London, Greater London, EC1A, England, UK
Listing for: Space NK
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Network Security, Cloud Computing
Job Description & How to Apply Below
Position: Senior Security Engineer – Cloud & On-Prem (Hybrid Security)
Location: Greater London

Location

Space NK – Greater London, England, United Kingdom

About

The Role

Space NK operates a hybrid environment across Microsoft Azure, corporate offices, data centres, and a large UK retail footprint. As a Security Engineer, you will design, implement, and operate security controls across cloud platforms, identity systems, endpoints, servers, and business applications. You will support the organisation’s security posture by ensuring that identity, cloud security, data protection, threat detection, and compliance controls are consistently applied and continuously improved.

Your

Role

As a Security Engineer, you will be responsible for owning and operating the security controls that protect Space NK’s identity, cloud, and on‑premises environments. You will define and maintain security standards, enhance detection capabilities, harden platforms, and support incident response. You will lead improvements across authentication, authorisation, cloud posture, endpoint security, vulnerability management, and compliance frameworks. You will work closely with Network Engineering, who operate routing, switching, firewalls, VPNs, and connectivity.

Your responsibility is to define the security requirements, validate secure configurations, and ensure Zero Trust and compliance controls are met – while Network Engineering implements the network infrastructure itself. This role bridges strategy and technical execution: shaping identity security, strengthening Azure cloud posture, enhancing monitoring and detection capabilities, advising on architecture, and maintaining a secure foundation for all business platforms.

Key Responsibilities Hybrid Security Architecture & Governance
  • Design and implement security controls across Azure cloud services, on-prem servers, and SaaS applications.
  • Define and maintain security baselines, hardening standards, and cloud security benchmarks (Microsoft CSB, CIS, NIST).
  • Govern and enforce Azure Policy, Defender for Cloud, and platform‑level security controls.
  • Participate in design and architecture reviews to ensure secure‑by‑design deployments.
  • Maintain security documentation, operational runbooks, standards, and policy artefacts.
  • Support risk assessments, penetration test remediation, and threat modelling activities.
Identity & Access Security
  • Define and maintain identity security standards for Microsoft Entra  Active Directory Domain Services.
  • Provide security requirements for Conditional Access, MFA, SSO, passwordless authentication, and identity governance, implemented by the IAM teams.
  • Partner with IAM/Infrastructure teams to ensure privileged access (PIM), RBAC models, and least‑privilege designs meet security requirements.
  • Harden identity infrastructure including domain controllers, authentication protocols (Kerberos/NTLM), secure LDAP, and hybrid identity components.
  • Monitor identity‑related security signals (Identity Protection, risky users/sign‑ins) and support investigation of identity‑based attacks.
  • Validate secure delegation models, access review processes, and identity lifecycle controls defined by IAM.
Threat Detection, Monitoring & Incident Response
  • Own and operate SIEM and SOAR tooling, including Microsoft Sentinel, Defender XDR, Identity Protection, and threat analytics.
  • Develop and refine detection rules, correlation logic, threat hunting use cases, and behavioural analytics.
  • Investigate and support incident response for identity compromise, endpoint attacks, Azure cloud events, or server breaches.
  • Integrate telemetry from Azure, endpoints, identity platforms, and security tools.
  • Produce incident reports, RCA documentation, and post‑incident improvement plans.
  • Coordinate with SOC teams or third‑party providers when required.
Endpoint, Server, and Infrastructure Security
  • Implement CIS/NIST‑aligned hardening across Windows Server, domain controllers, virtual machines, and Azure workloads.
  • Deploy and manage endpoint protection and EDR platforms (e.g., Microsoft Defender for Endpoint).
  • Enforce secure baselines across virtualisation platforms (VMware/Hyper‑V) and Azure IaaS services.
  • Partner with Infrastructure teams on patch governance, vulnerability remediation, and secure configuration…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search