Simpson Associates transforms raw data into actionable insights that drive positive change.
Our Microsoft data expertise, our specialist sector knowledge, plus our innovative and trusted advice and guidance are just some of the reasons clients choose to work with us.
Our mission is to help purpose-led organisations from within the public and private sectors to harness data as a lever for change and enable them to realise business value more quickly. We provide the full range of services to support organisations on their data transformation journey. From advisory support and data strategy, to developing Data & AI solutions, right through to providing a range of managed services.
We are a Microsoft Solutions Partner, holding Specialisations in AI Platform on Microsoft Azure, Analytics on Microsoft Azure, Data Warehouse Migration to Microsoft Azure and Migrate Enterprise Applications to Microsoft Azure, as well as holding Solutions Partner designations in Data & AI (Azure); Digital & App Innovation (Azure); Infrastructure (Azure) and Security.
But it's not just about the badges. We are proud to be recognised as the winner of the 2024 Microsoft Community Response Partner of the Year award, reflecting our dedication to using technology for positive change. We are also a Databricks partner, and an IBM Gold Partner, specialising in Cognos Analytics and Planning Analytics.
With offices in York and Sheffield, and a team based throughout the UK – we champion creativity, innovation and collaboration in the workplace.
The Role
A Cloud Platform Security Consultant to partner with our clients in designing, implementing, and maintaining security controls across their Azure cloud platforms.
You will work directly with customers to enhance their threat detection capabilities, establish security monitoring frameworks, support incident response activities, and ensure their cloud infrastructure meets regulatory requirements, industry best practices, and aligns with the Azure Well-Architected Framework and Cloud Adoption Framework principles.
Key Responsibilities
Security Monitoring & Threat Detection
Design and maintain security monitoring solutions using Microsoft Sentinel and other SIEM tools
Develop and optimise KQL queries for threat hunting, detection rules, and analytics
Investigate security incidents and coordinate response activities
Map threats and detections to the MITRE ATT&CK framework
Perform continuous threat intelligence analysis and proactive threat hunting
Cloud Security Architecture
Implement and maintain security controls across Azure landing zones and workloads
Secure AI and machine learning workloads, including Azure OpenAI, Azure ML, and Cognitive Services
Design and enforce network security policies using Azure Firewall, NSGs, and Private Link
Implement identity and access management controls using Entra ID and conditional access
Ensure compliance with relevant cyber security legislation (GDPR, NIS Directive, UK Cyber Essentials, etc.)
Automation & Engineering
Develop security automation workflows using Azure Logic Apps, Functions, and Sentinel playbooks
Implement security controls as code (policy as code, infrastructure as code)
Build automated security testing and validation pipelines
Create custom connectors and integrations for security tooling
Governance & Compliance
Maintain security policies and standards aligned to industry frameworks
Conduct security assessments and gap analyses
Support audit and compliance activities for public sector clients
Produce security documentation, reports, and technical guidance
Skills and Attributes Required
Strong hands-on experience with Microsoft Sentinel including workbook creation, analytics rules, and automation
Advanced Search Query Language proficiency, ideally KQL, for log analysis and threat hunting
Deep knowledge of Azure security services (Defender for Cloud, Key Vault, Managed Identity, etc.)
Experience with SIEM tools and security information management
Understanding of the MITRE ATT&CK framework and its practical application
Strong analytical skills with ability to investigate complex security incidents
Proven ability to develop automation solutions for security operations
Knowledge of cyber security legislation and regulatory requirements (UK public sector experience advantageous)
Experience with Azure DevOps, Infrastructure as Code (Terraform/Bicep)
Experience securing AI workloads and understanding AI-specific threat vectors
Experience in stakeholder management
Experience in Project Management – Prince 2 or Agile Methodologies
Advantageous Qualifications and Skills
Degree in Computer Science, Cyber Security, or related field (or equivalent experience)
Industry certifications such as CISSP, CEH, GIAC, or Microsoft security certifications
Microsoft security certifications (SC-200, SC-300, AZ-500)
Knowledge of data platform security (Databricks, Synapse, Fabric)
Experience with Microsoft Purview for data security, including Sensitive Information Types, DLP policies, and DSPM
Familiarity with penetration testing and vulnerability management tools
Experience working with NHS, police, or local government clients
Understanding of FinOps and cloud cost optimisation
Simpson Associates reserves the right to close the recruitment process at any time.