Security Professional
Posted Today by Webologix Ltd/ INC
Negotiable
Undetermined
Undetermined
London Area, United Kingdom
Summary: This role as a Security Professional involves supporting a large-scale retail transformation program by implementing and managing Microsoft 365 security technologies. The position focuses on enhancing cyber resilience across various platforms while collaborating with infrastructure, security, and business teams to deliver secure solutions. Key responsibilities include designing security solutions, managing email security, and responding to incidents within a complex enterprise environment. The ideal candidate will have strong experience with CIS Controls and Microsoft 365 security technologies.
Key Responsibilities:
- Design, implement and support Microsoft 365 security solutions including Microsoft Defender, Entra ID, Exchange Online Protection and Purview.
- Configure and manage security controls such as Conditional Access, MFA, Zero Trust policies and identity protection.
- Implement and maintain email security technologies including DMARC, DKIM, SPF and anti-phishing protections.
- Monitor, investigate and respond to security incidents and vulnerabilities using Microsoft security and SIEM tools.
- Support endpoint security and compliance initiatives across Intune, M365 and enterprise collaboration platforms.
- Collaborate with infrastructure, cloud, and application teams to strengthen overall security posture and reduce cyber risk.
- Perform security assessments, vulnerability remediation, and compliance activities aligned with organisational standards.
- Develop and maintain security documentation, operational procedures and technical standards for M365 environments.
- Support migration, transformation and modern workplace security initiatives within large enterprise environments.
- Provide technical guidance and best practices to operational teams and stakeholders on Microsoft security technologies.
Key Skills:
- Strong experience working with CIS Controls v8.1 and implementing security best practices.
- Strong experience in Microsoft 365 security technologies including Microsoft Defender, Entra ID (Azure AD), Exchange Online Protection and Purview.
- Hands-on expertise in implementing Conditional Access, MFA, identity protection and Zero Trust security principles.
- Experience managing email security solutions including DMARC, DKIM, SPF anti-phishing, and threat protection technologies.
- Good understanding of endpoint management and security using Intune and Microsoft Endpoint Manager.
- Experience in vulnerability management, security monitoring, incident response and remediation activities.
- Strong knowledge of Microsoft 365 compliance, data protection and governance capabilities including DLP and retention policies.
- Experience working in large enterprise or retail environments supporting cloud and digital transformation initiatives.
- Knowledge of security frameworks and standards such as CIS, NIST, ISO 27001, and cybersecurity best practices.
- Strong troubleshooting, analytical, and problem-solving skills with the ability to work in complex environments.
- Excellent communication and stakeholder management skills with the ability to collaborate across technical and business teams.
Salary (Rate): undetermined
City: London Area
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Join a large-scale retail transformation program supporting a complex and fast-paced enterprise environment. This role offers the opportunity to work with cutting-edge Microsoft 365 security technologies to protect critical retail operations, customer data, digital platforms and collaboration services. You will play a key role in strengthening cyber resilience across identity and messaging platforms while supporting secure digital transformation initiatives across stores, supply chain and corporate environments. Working closely with infrastructure, security and business teams, you will help deliver scalable and secure solutions aligned with modern security and compliance standards.
Your responsibilities:
- Design, implement and support Microsoft 365 security solutions including Microsoft Defender, Entra ID, Exchange Online Protection and Purview.
- Configure and manage security controls such as Conditional Access, MFA, Zero Trust policies and identity protection.
- Implement and maintain email security technologies including DMARC, DKIM, SPF and anti-phishing protections.
- Monitor, investigate and respond to security incidents and vulnerabilities using Microsoft security and SIEM tools.
- Support endpoint security and compliance initiatives across Intune, M365 and enterprise collaboration platforms.
- Collaborate with infrastructure, cloud, and application teams to strengthen overall security posture and reduce cyber risk.
- Perform security assessments, vulnerability remediation, and compliance activities aligned with organisational standards.
- Develop and maintain security documentation, operational procedures and technical standards for M365 environments.
- Support migration, transformation and modern workplace security initiatives within large enterprise environments.
- Provide technical guidance and best practices to operational teams and stakeholders on Microsoft security technologies.
Strong experience in implementing and working with CIS Controls v8.1
Your Profile
Essential skills/knowledge/experience:
- Strong experience working with CIS Controls v8.1 and implementing security best practices.
- Strong experience in Microsoft 365 security technologies including Microsoft Defender, Entra ID (Azure AD), Exchange Online Protection and Purview.
- Hands-on expertise in implementing Conditional Access, MFA, identity protection and Zero Trust security principles.
- Experience managing email security solutions including DMARC, DKIM, SPF anti-phishing, and threat protection technologies.
- Good understanding of endpoint management and security using Intune and Microsoft Endpoint Manager.
- Experience in vulnerability management, security monitoring, incident response and remediation activities.
- Strong knowledge of Microsoft 365 compliance, data protection and governance capabilities including DLP and retention policies.
- Experience working in large enterprise or retail environments supporting cloud and digital transformation initiatives.
- Knowledge of security frameworks and standards such as CIS, NIST, ISO 27001, and cybersecurity best practices.
- Strong troubleshooting, analytical, and problem-solving skills with the ability to work in complex environments.
- Excellent communication and stakeholder management skills with the ability to collaborate across technical and business teams.
Desirable skills/knowledge/experience:
- Good understanding of mapping EUC security capabilities to CIS Controls v8.1
- Experience with Microsoft Sentinel, Defender XDR, and advanced threat hunting capabilities.
- Knowledge of hybrid identity environments integrating on-premises Active Directory with Entra ID.
- Experience supporting retail, enterprise, or large-scale customer-facing environments.
- Familiarity with automation and scripting using PowerShell for M365 administration and security operations.
- Understanding of cloud security, compliance and governance best practices within Azure and Microsoft 365 ecosystems.
- Experience working within ITIL-based service management and change management processes.
- Knowledge of vulnerability management and remediation tools such as Qualys or Defender Vulnerability Management.