Cloud Security Engineer
The Premier League is seeking a Cloud Security Engineer to lead the design, implementation, and operation of security controls across our cloud platforms. This role is responsible for securing Azure, AWS, and M365 environments, embedding secure‑by‑design principles into cloud architecture, and enhancing detection and response capabilities across the estate.
Who we are
The Premier League is a global football organisation that brings people together, protects intellectual property, and supports community and development programmes. We are an inclusive employer that values diversity and provides opportunities for all.
The role
As a Cloud Security Engineer, you will influence security strategies across Azure, AWS, and Microsoft 365, and partner with cross‑functional teams to deliver secure cloud solutions.
Cloud platform security
- Deploy and manage security controls across Azure, AWS, and Microsoft 365 environments.
- Apply and maintain Azure Policy, RBAC, and Privileged Identity Management (PIM).
- Secure cloud infrastructure using Microsoft Defender for Cloud and native platform capabilities.
Detection & response engineering
- Develop and improve cloud detection use cases within Microsoft Sentinel in collaboration with XDR provider.
- Integrate cloud telemetry (Azure, AWS, SaaS) into central monitoring.
- Support the Senior IS Analyst as the incident response lead in the investigation of cloud‑related incidents as a subject‑matter expert.
CSPM & exposure management
- Own and operate all CSPM technology.
- Identify and remediate cloud misconfigurations and exposure risks.
- Work with Data Security to correlate infrastructure risk with data sensitivity.
DevSecOps & secure architecture
- Implement security controls infrastructure‑as‑code pipelines.
- Enforce secure configuration standards for cloud environments.
- Provide cloud security advice to DevOps on projects and cloud configuration.
Tooling, automation & integration
- Drive automation using PowerShell, CLI, Bicep, Terraform or equivalent.
- Integrate security tooling across identity, cloud, and monitoring platforms.
- Support integration of DSPM tooling into cloud environments and logging pipelines.
Collaboration & governance
- Work closely with IT TechOps and relevant third parties to maintain secure‑by‑design governance.
- Collaborate with Data Security on applying data protection controls within cloud platforms.
- Contribute to KPIs/KRIs and continuous improvement aligned to NIST CSF / ISO 27001.
Requirements for the role
- Ability to work independently and take initiative to drive outcomes.
- Previous experience in cloud infrastructure engineering.
- Strong experience with Microsoft Azure security tools and cloud configurations.
- Experience managing Microsoft 365 security and compliance solutions.
- Familiarity with AWS security principles and tooling (IAM, Security Hub, GuardDuty).
- Demonstrable use of Microsoft Defender XDR, Defender for Cloud, and Orca.
- Experience in scripting and automation using PowerShell, CLI, or infrastructure as code.
- Knowledge of SIEM/SOAR solutions (Microsoft Sentinel preferred).
- Experience responding to and analysing security incidents.
- Working knowledge of industry standards such as NIST CSF, ISO 27001, CIS Benchmarks.
- Comfortable communicating with both technical and non‑technical audiences.
- Understanding of KPIs/KRIs in the context of cloud security monitoring.
- Qualified to or studying for certifications such as:
- Microsoft Certified: Azure Security Engineer Associate (AZ‑500)
- Microsoft Certified: Cybersecurity Architect (SC‑100)
- AWS Security Specialty
- CompTIA Security+
- GIAC Certified Cloud Security Automation (GCSA)
Our commitment to safeguarding
We implement robust safer recruitment procedures to assess suitability for roles that involve work with children and adults who are or may be at risk of harm. For further information, please see our Safeguarding Policy and Safer Recruitment Guidance.
Equal Opportunities
The Premier League is an equal opportunities employer and strives to create an inclusive culture where talent can flourish. All appointments will be made based on merit; we particularly encourage applications from women, people from minority ethnic communities, LGBTQ+ people, and disabled people.
#J-18808-Ljbffr”, “datePosted”: “2026-05-13”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Brighton and Hove Albion Football Club”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__430939890__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=33” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “London” } } }Cloud Security Engineer
The Premier League is seeking a Cloud Security Engineer to lead the design, implementation, and operation of security controls across our cloud platforms. This role is responsible for securing Azure, AWS, and M365 environments, embedding secure‑by‑design principles into cloud architecture, and enhancing detection and response capabilities across the estate.
Who we are
The Premier League is a global football organisation that brings people together, protects intellectual property, and supports community and development programmes. We are an inclusive employer that values diversity and provides opportunities for all.
The role
As a Cloud Security Engineer, you will influence security strategies across Azure, AWS, and Microsoft 365, and partner with cross‑functional teams to deliver secure cloud solutions.
Cloud platform security
- Deploy and manage security controls across Azure, AWS, and Microsoft 365 environments.
- Apply and maintain Azure Policy, RBAC, and Privileged Identity Management (PIM).
- Secure cloud infrastructure using Microsoft Defender for Cloud and native platform capabilities.
Detection & response engineering
- Develop and improve cloud detection use cases within Microsoft Sentinel in collaboration with XDR provider.
- Integrate cloud telemetry (Azure, AWS, SaaS) into central monitoring.
- Support the Senior IS Analyst as the incident response lead in the investigation of cloud‑related incidents as a subject‑matter expert.
CSPM & exposure management
- Own and operate all CSPM technology.
- Identify and remediate cloud misconfigurations and exposure risks.
- Work with Data Security to correlate infrastructure risk with data sensitivity.
DevSecOps & secure architecture
- Implement security controls infrastructure‑as‑code pipelines.
- Enforce secure configuration standards for cloud environments.
- Provide cloud security advice to DevOps on projects and cloud configuration.
Tooling, automation & integration
- Drive automation using PowerShell, CLI, Bicep, Terraform or equivalent.
- Integrate security tooling across identity, cloud, and monitoring platforms.
- Support integration of DSPM tooling into cloud environments and logging pipelines.
Collaboration & governance
- Work closely with IT TechOps and relevant third parties to maintain secure‑by‑design governance.
- Collaborate with Data Security on applying data protection controls within cloud platforms.
- Contribute to KPIs/KRIs and continuous improvement aligned to NIST CSF / ISO 27001.
Requirements for the role
- Ability to work independently and take initiative to drive outcomes.
- Previous experience in cloud infrastructure engineering.
- Strong experience with Microsoft Azure security tools and cloud configurations.
- Experience managing Microsoft 365 security and compliance solutions.
- Familiarity with AWS security principles and tooling (IAM, Security Hub, GuardDuty).
- Demonstrable use of Microsoft Defender XDR, Defender for Cloud, and Orca.
- Experience in scripting and automation using PowerShell, CLI, or infrastructure as code.
- Knowledge of SIEM/SOAR solutions (Microsoft Sentinel preferred).
- Experience responding to and analysing security incidents.
- Working knowledge of industry standards such as NIST CSF, ISO 27001, CIS Benchmarks.
- Comfortable communicating with both technical and non‑technical audiences.
- Understanding of KPIs/KRIs in the context of cloud security monitoring.
- Qualified to or studying for certifications such as:
- Microsoft Certified: Azure Security Engineer Associate (AZ‑500)
- Microsoft Certified: Cybersecurity Architect (SC‑100)
- AWS Security Specialty
- CompTIA Security+
- GIAC Certified Cloud Security Automation (GCSA)
Our commitment to safeguarding
We implement robust safer recruitment procedures to assess suitability for roles that involve work with children and adults who are or may be at risk of harm. For further information, please see our Safeguarding Policy and Safer Recruitment Guidance.
Equal Opportunities
The Premier League is an equal opportunities employer and strives to create an inclusive culture where talent can flourish. All appointments will be made based on merit; we particularly encourage applications from women, people from minority ethnic communities, LGBTQ+ people, and disabled people.
#J-18808-Ljbffr…