Cloud Security Engineer
Posted Today by TXP
£550 Per day
Inside
Remote
London, UK
Summary: The Cloud Security Engineer role focuses on delivering a pre-defined enterprise PKI solution within Azure, requiring hands-on expertise in Azure Key Vault, PKI, and certificate automation. The position involves implementing and integrating PKI capabilities, managing certificate life cycles, and supporting secure onboarding of workloads. This is a delivery-focused role ideal for candidates with deep technical knowledge in cloud security. The contract is short-term, running until the end of June 2026, and is fully remote.
Key Responsibilities:
- Implement and integrate an enterprise PKI solution (eg DigiCert or equivalent) within Azure
- Configure Azure Key Vault for certificate and key management (RBAC, private endpoints, rotation)
- Enable certificate life cycle management including issuance, renewal, and automation
- Support TLS enforcement and mTLS implementation across services
- Integrate certificates into Azure services and CI/CD pipelines
- Support secure onboarding of platforms including AKS, App Gateway, and APIs
- Assess and support hybrid PKI integration (where applicable)
- Define and enforce certificate governance standards (eg no self-signed certs, revocation policies, auditing)
- Produce clear, client-ready documentation and implementation standards
Key Skills:
- Strong experience with Azure Key Vault (certificates, keys, RBAC)
- Deep understanding of PKI fundamentals (CA hierarchy, CRL/OCSP, certificate issuance & revocation)
- Proven experience in certificate life cycle automation
- Strong knowledge of TLS/mTLS implementation
- Experience integrating security into cloud platforms and CI/CD pipelines
Salary (Rate): £550 daily
City: London
Country: UK
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Cloud Security Engineer
Inside IR35, £550
Fully remote
ASAP start, short term contract through till end of June 2026
The Role
We are looking for an experienced Cloud Security Engineer (Azure PKI) to take a hands-on role in delivering a pre-defined enterprise PKI solution.
You'll be responsible for implementing and integrating PKI capabilities within Azure, enabling secure certificate life cycle management, and supporting the onboarding of workloads across key platforms.
This is a delivery-focused, hands-on role, ideal for someone with deep expertise in Azure Key Vault, PKI, and certificate automation.
Key Responsibilities- Implement and integrate an enterprise PKI solution (eg DigiCert or equivalent) within Azure
- Configure Azure Key Vault for certificate and key management (RBAC, private endpoints, rotation)
- Enable certificate life cycle management including issuance, renewal, and automation
- Support TLS enforcement and mTLS implementation across services
- Integrate certificates into Azure services and CI/CD pipelines
- Support secure onboarding of platforms including AKS, App Gateway, and APIs
- Assess and support hybrid PKI integration (where applicable)
- Define and enforce certificate governance standards (eg no self-signed certs, revocation policies, auditing)
- Produce clear, client-ready documentation and implementation standards
Core Skills & Experience
- Strong experience with Azure Key Vault (certificates, keys, RBAC)
- Deep understanding of PKI fundamentals (CA hierarchy, CRL/OCSP, certificate issuance & revocation)
- Proven experience in certificate life cycle automation
- Strong knowledge of TLS/mTLS implementation
- Experience integrating security into cloud platforms and CI/CD pipelines
Nice to Have
- Experience with DigiCert or similar enterprise PKI providers
- Exposure to AKS, Application Gateway, and API security
- Understanding of hybrid PKI environments (eg AD CS integration)