Cloud Security Engineer
Posted Today by TXP
£550 Per day
Inside
Remote
London
Summary: The Cloud Security Engineer role focuses on delivering a pre-defined enterprise PKI solution within Azure, emphasizing hands-on implementation and integration of PKI capabilities. The position requires expertise in Azure Key Vault and certificate lifecycle management, supporting secure onboarding of workloads across key platforms. This is a delivery-focused role ideal for candidates with deep knowledge of PKI and certificate automation. The contract is fully remote and expected to last until the end of June 2026.
Key Responsibilities:
- Implement and integrate an enterprise PKI solution (e.g. DigiCert or equivalent) within Azure
- Configure Azure Key Vault for certificate and key management (RBAC, private endpoints, rotation)
- Enable certificate lifecycle management including issuance, renewal, and automation
- Support TLS enforcement and mTLS implementation across services
- Integrate certificates into Azure services and CI/CD pipelines
- Support secure onboarding of platforms including AKS, App Gateway, and APIs
- Assess and support hybrid PKI integration (where applicable)
- Define and enforce certificate governance standards (e.g. no self-signed certs, revocation policies, auditing)
- Produce clear, client-ready documentation and implementation standards
Key Skills:
- Strong experience with Azure Key Vault (certificates, keys, RBAC)
- Deep understanding of PKI fundamentals (CA hierarchy, CRL/OCSP, certificate issuance & revocation)
- Proven experience in certificate lifecycle automation
- Strong knowledge of TLS / mTLS implementation
- Experience integrating security into cloud platforms and CI/CD pipelines
- Experience with DigiCert or similar enterprise PKI providers
- Exposure to AKS, Application Gateway, and API security
- Understanding of hybrid PKI environments (e.g. AD CS integration)
Salary (Rate): £550/day
City: London
Country: United Kingdom
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: Mid-Level
Industry: IT
Cloud Security Engineer Inside IR35, £550 Fully remoteASAP start, short term contract through till end of June 2026
The RoleWe are looking for an experienced Cloud Security Engineer (Azure PKI) to take a hands-on role in delivering a pre-defined enterprise PKI solution.You'll be responsible for implementing and integrating PKI capabilities within Azure, enabling secure certificate lifecycle management, and supporting the onboarding of workloads across key platforms.This is a delivery-focused, hands-on role, ideal for someone with deep expertise in Azure Key Vault, PKI, and certificate automation.
Key Responsibilities
- Implement and integrate an enterprise PKI solution (e.g. DigiCert or equivalent) within Azure
- Configure Azure Key Vault for certificate and key management (RBAC, private endpoints, rotation)
- Enable certificate lifecycle management including issuance, renewal, and automation
- Support TLS enforcement and mTLS implementation across services
- Integrate certificates into Azure services and CI/CD pipelines
- Support secure onboarding of platforms including AKS, App Gateway, and APIs
- Assess and support hybrid PKI integration (where applicable)
- Define and enforce certificate governance standards (e.g. no self-signed certs, revocation policies, auditing)
- Produce clear, client-ready documentation and implementation standards
Core Skills & Experience
- Strong experience with Azure Key Vault (certificates, keys, RBAC)
- Deep understanding of PKI fundamentals (CA hierarchy, CRL/OCSP, certificate issuance & revocation)
- Proven experience in certificate lifecycle automation
- Strong knowledge of TLS / mTLS implementation
- Experience integrating security into cloud platforms and CI/CD pipelines
Nice to Have
- Experience with DigiCert or similar enterprise PKI providers
- Exposure to AKS, Application Gateway, and API security
- Understanding of hybrid PKI environments (e.g. AD CS integration)