Lead Cyber Security Engineer

• Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads.
• Lead the design and deployment of conditional access, Defender for Cloud, Purview DLP, Azure Firewall, and related services.
• Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows.
• Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines.

Platform Security Oversight

• Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust.
• Harden AKS clusters and cloud-native apps through role-based access control (RBAC), secrets management, and runtime protection.
• Secure data pipelines and models in AI workloads, implementing guardrails for model integrity and prompt injection defence.

Cloud & Network Security

• Engineer secure access and posture for Cisco Meraki infrastructure and Umbrella SWG services.
• Enforce network segmentation, micro-perimeter security, and policy-based routing for hybrid network models.
• Oversee DNS, web access, and remote gateway protection at the edge.
• Security Operations & Threat Defence
• Act as the technical escalation point for complex threat investigations and incident response.
• Lead red-teaming simulations, vulnerability assessments, and threat hunting activities.
• Support proactive telemetry monitoring and improvement of detection logic and alert fidelity.

Leadership & Mentoring

• Provide engineering mentorship to junior analysts and engineers; lead by doing.
• Shape and communicate the security engineering roadmap in alignment with the Cyber Security Strategy.

• Deep hands-on knowledge of Microsoft security stack (M365 Defender, Sentinel, Intune, Azure Policy, PIM).
• Proven experience deploying Cisco Meraki and Umbrella in enterprise environments.
• Experience in securing Kubernetes, cloud-native infrastructure, and containerised apps.
• 5+ years in a senior security engineering or architect role.
• Experience leading technical teams or acting as a technical lead on security initiatives.
• Certifications such as AZ-500, CISSP, CCSP, GIAC, or similar highly advantageous.
• Engineer-first mentality: solves security problems through systems thinking and automation.
• Strategic, yet pragmatic: balances best practice with business context.
• Proactive, communicative, and passionate about elevating security posture through innovation.
• MS Engineer & MS Data Scientist Associate
• Ability to exercise independent judgment and act on it.

What's in it for you?

• Hybrid working options for flexibility.
• Bonus linked to company and personal performance.
• 28 days holiday plus public holidays, with an annual leave purchase scheme.
• Private healthcare, discounted dental insurance, and health cashback scheme.
• Paid volunteering days and caregiver leave.
• Access to retail discounts and our company share scheme.

SThree is the global STEM workforce consultancy, fusing ambition, expertise and technology. We advise businesses, build expert teams and deliver project solutions, to outpace tomorrow, together. We've been in STEM for more than 39 years- a global team with local expertise across specialist sectors in Engineering, Life Sciences and Technology. We aspire to be the game-changers in STEM. We are all in, we build partnerships, we think big, and we do the right thing. We bring skilled people together, whatever the speed, scale and scope of the ambitions, to build the future.