Job Specifications
Salary: Up to £70,000 + benefits
Location: Hybrid — 3 days per week in Guildford
This is an excellent opportunity to shape and mature a growing security capability within a forward-thinking, cloud-first environment.
Security & Infrastructure Engineer
My client is undergoing a major technology evolution, modernising and strengthening its hybrid cloud estate with a strong focus on security, resilience, and scalable growth. They are looking for a hands-on Security & Infrastructure Engineer to help elevate and continuously enhance their security posture across cloud, on-prem, and SaaS environments.
This is a practical engineering role suited to someone who enjoys operating at pace, solving complex problems, and driving security best practice across a diverse technology landscape.
Cloud & Infrastructure Security
Configure and support Azure security capabilities (Defender, Firewall, Policy, monitoring, backup).
Implement secure cloud architecture aligned to best practice landing zone principles.
Manage conditional access, patching, and hybrid infrastructure security controls.
Contribute to Infrastructure-as-Code and secure CI/CD practices.
Microsoft 365 & Identity Security
Strengthen security across Microsoft 365, Entra ID, and associated services.
Enhance identity governance, privileged access management, DLP, and data classification.
Support Defender tooling and alert management.
Threat & Vulnerability Management
Work with SOC partners to triage and respond to alerts.
Conduct vulnerability assessments and coordinate remediation efforts.
Enhance endpoint protection and XDR capabilities.
Security Operations & Compliance
Harden Windows Server, Active Directory, endpoints, and virtual desktop environments.
Maintain logging, monitoring, and alerting coverage.
Support external audits and recognised security certifications (e.g., Cyber Essentials Plus, ISO 27001, SOC 2).
About You
3+ years’ experience in security engineering or cyber operations.
Strong hands-on Azure and Microsoft 365 security expertise.
Experience with vulnerability management and endpoint protection tooling.
Solid understanding of Zero Trust principles and cloud security architecture.
Comfortable working cross-functionally and influencing security best practice.
Relevant certifications (Microsoft Security, Azure, ISC2, CompTIA, CCSK) and experience with Infrastructure-as-Code frameworks are advantageous.
About the Company
Founded in 2018, Digital Waffle is a leading tech & digital recruitment agency. We are dedicated to finding and matching the best digital talent with growing businesses across the UK, EU, and USA.
As a trusted tech recruitment agency, we focus on roles in marketing, technology, IT, data, and operations. Digital Waffle takes pride in making the recruitment process smooth and efficient, ensuring the perfect fit for both employers and candidates.
Tech and digital recruitment is not just our business; it's our passion. With an...
Know more