Cloud Security Engineer

The Cloud Security Engineer (Azure) will support DOCOsoft’s cloud security operations and play a key role in enhancing the security posture of our Azure-hosted environments. The role involves administering Microsoft Defender security tools, designing and recommending Azure security solutions, improving governance aligned to ISO 27001 and SOC 2 controls, and supporting DevSecOps practices across our engineering teams.

This position is ideal for someone who can operate in a lean security team, work collaboratively with engineering, and proactively strengthen security-by-design across the DOCOsoft SaaS platform as we expand our Azure footprint and continue maturing our cloud security controls.

Responsibilities:

• Administer and optimize Microsoft Defender (Cloud, Identity, Endpoint) and Azure-native security tools; manage identity and access using Conditional Access, Entra ID Governance, and PIM.
• Maintain hardening standards across Azure resources (Key Vault, Storage, App Services, VMs, networking) and improve Azure Secure Score in line with internal policies and ISO 27001.
• Support secure design and review of Azure PaaS/IaaS workloads; advise on network security, API protection, encryption, segmentation, and Zero Trust; conduct threat modelling to embed security-by-design.
• Integrate security into CI/CD pipelines and GitHub workflows; assess Terraform/Bicep IaC and enforce policy-as-code (Azure Policy, GitHub Advanced Security); implement automated guardrails to reduce misconfigurations and strengthen compliance.
• Identify and remediate cloud vulnerabilities with engineering; support internal/external audits, maintain documentation and compliance evidence, and contribute to third-party risk assessments and customer security reviews.
• Enhance monitoring with Azure Monitor, Log Analytics, and Sentinel; develop KQL queries, dashboards, and detection rules; investigate alerts, manage incidents, support remediation and root cause analysis, and maintain cloud-specific incident response playbooks.

Key Skills/ Qualifications:

• Bachelor’s degree in Computer Science engineering, or related field.
• 4+ years in MS Azure cloud engineering with at least 2 years in MS Azure security engineering roles
• Strong hands-on experience with Azure security tools (Defender for Cloud, Sentinel, Entra ID, Key Vault, Azure Firewall, WAF, NSGs).
• Proficiency in Kusto Query Language (KQL) for Log analysis, threat hunting, and developing security detections in Sentinel and Log Analytics.
• Understanding of Azure networking, identity, encryption, and cloud governance.
• Experience with IaC security for Bicep (Terraform acceptable) and DevSecOps practices.
• Desirable Certifications: AZ‑500, SC‑200, SC‑100
• Knowledge of OWASP Top 10, secure coding, and secure API practices.
• Strong documentation, analytical, and communication skills.
• Familiarity with ISO 27001, ISO 22301 SOC 2, GDPR, and cloud security best practices.

Who we are: 

DOCOsoft is a leading software and services provider to Lloyd’s of London and the broader London insurance market. Since our foundation, we have grown to become one of the leading insurance software specialists in the London Insurance Market. We are a growing team of over 95 colleagues based in Dublin, London, Tokyo, Portugal, Spain, India and Poland.

Here’s what we have to offer: 

DOCOsoft aspires to be a market leader in the technology sector, and we are always looking for new ways to approach projects or improve existing content. We look to hire people that will help us achieve this with hard work, enthusiasm and an expression of their own ideas.  

We offer our people the opportunity to impact our growing business- everyone’s contribution matters! A team environment that is focused on the creation and delivery of great products for our clients.  Exciting challenges to grow and enhance their skills and a competitive pay and benefits package including; 

• • 25 days Annual Leave, 
  • Private pension, 
  • Bonus scheme, 
  • Private health, 
  • Life assurance.  

Equal Opportunity Employer: 

DOCOsoft is committed to building an inclusive and diverse team that represents a variety of backgrounds, experiences and perspectives. We welcome applications from all suitably qualified candidates, and do not discriminate on the grounds of race, religion, gender, marital or family status, age, disability, sexual orientation, membership of the travelling community or any other basis as protected by applicable law. Should you require reasonable accommodations during any stage of the recruitment process, please let us know.