Cloud Security Engineer

Dublin - Ireland

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

The Cloud Security Engineer (Azure) will support DOCOsofts cloud security operations and play a key role in enhancing the security posture of our Azure-hosted environments. The role involves administering Microsoft Defender security tools designing and recommending Azure security solutions improving governance aligned to ISO 27001 and SOC 2 controls and supporting DevSecOps practices across our engineering teams.

This position is ideal for someone who can operate in a lean security team work collaboratively with engineering and proactively strengthen security-by-design across the DOCOsoft SaaS platform as we expand our Azure footprint and continue maturing our cloud security controls.

Responsibilities:

Administer and optimize Microsoft Defender (Cloud Identity Endpoint) and Azure-native security tools; manage identity and access using Conditional Access Entra ID Governance and PIM.
Maintain hardening standards across Azure resources (Key Vault Storage App Services VMs networking) and improve Azure Secure Score in line with internal policies and ISO 27001.
Support secure design and review of Azure PaaS/IaaS workloads; advise on network security API protection encryption segmentation and Zero Trust; conduct threat modelling to embed security-by-design.
Integrate security into CI/CD pipelines and GitHub workflows; assess Terraform/Bicep IaC and enforce policy-as-code (Azure Policy GitHub Advanced Security); implement automated guardrails to reduce misconfigurations and strengthen compliance.
Identify and remediate cloud vulnerabilities with engineering; support internal/external audits maintain documentation and compliance evidence and contribute to third-party risk assessments and customer security reviews.
Enhance monitoring with Azure Monitor Log Analytics and Sentinel; develop KQL queries dashboards and detection rules; investigate alerts manage incidents support remediation and root cause analysis and maintain cloud-specific incident response playbooks.

Key Skills/ Qualifications:

Bachelors degree in Computer Science engineering or related field.
4 years in MS Azure cloud engineering with at least 2 years in MS Azure security engineering roles
Strong hands-on experience with Azure security tools (Defender for Cloud Sentinel Entra ID Key Vault Azure Firewall WAF NSGs).
Proficiency in Kusto Query Language (KQL) for Log analysis threat hunting and developing security detections in Sentinel and Log Analytics.
Understanding of Azure networking identity encryption and cloud governance.
Experience with IaC security for Bicep (Terraform acceptable) and DevSecOps practices.
Desirable Certifications: AZ500 SC200 SC100
Knowledge of OWASP Top 10 secure coding and secure API practices.
Strong documentation analytical and communication skills.
Familiarity with ISO 27001 ISO 22301 SOC 2 GDPR and cloud security best practices.

Who we are:

DOCOsoft is a leading software and services provider to Lloyds of London and the broader London insurance market. Since our foundation we have grown to become one of the leading insurance software specialists in the London Insurance are a growing team of over 95 colleagues based in Dublin London Tokyo Portugal Spain India and Poland.

Heres what we have to offer:

DOCOsoft aspires to be a market leader in the technology sector and we are always looking for new ways to approach projects or improve existing content. We look to hire people that will help us achieve this with hard workenthusiasmand an expression of their own ideas.

We offer our people the opportunity toimpactour growing business- everyones contribution matters!A team environment that is focused on the creation and delivery of great products for our clients. Exciting challenges to grow and enhance their skills and a competitive pay and benefits packageincluding;

- 25 days Annual Leave
- Privatepension
- Bonus scheme
- Private health
- Life assurance.

Equal Opportunity Employer:

DOCOsoft is committed to building an inclusive and diverse team that represents a variety of backgrounds experiences and perspectives. We welcome applications from all suitably qualified candidates and do not discriminate on the grounds of race religion gender marital or family status age disability sexualorientation membership of the travelling community or any other basis as protected by applicable law. Should you require reasonable accommodations during any stage of the recruitment process please let us know.

Required Experience:

Manager

Responsibilities:

Administer and optimize Microsoft Defender (Cloud Identity Endpoint) and Azure-native security tools; manage identity and access using Conditional Access Entra ID Governance and PIM.
Maintain hardening standards across Azure resources (Key Vault Storage App Services VMs networking) and improve Azure Secure Score in line with internal policies and ISO 27001.
Support secure design and review of Azure PaaS/IaaS workloads; advise on network security API protection encryption segmentation and Zero Trust; conduct threat modelling to embed security-by-design.
Integrate security into CI/CD pipelines and GitHub workflows; assess Terraform/Bicep IaC and enforce policy-as-code (Azure Policy GitHub Advanced Security); implement automated guardrails to reduce misconfigurations and strengthen compliance.
Identify and remediate cloud vulnerabilities with engineering; support internal/external audits maintain documentation and compliance evidence and contribute to third-party risk assessments and customer security reviews.
Enhance monitoring with Azure Monitor Log Analytics and Sentinel; develop KQL queries dashboards and detection rules; investigate alerts manage incidents support remediation and root cause analysis and maintain cloud-specific incident response playbooks.

Key Skills/ Qualifications:

Bachelors degree in Computer Science engineering or related field.
4 years in MS Azure cloud engineering with at least 2 years in MS Azure security engineering roles
Strong hands-on experience with Azure security tools (Defender for Cloud Sentinel Entra ID Key Vault Azure Firewall WAF NSGs).
Proficiency in Kusto Query Language (KQL) for Log analysis threat hunting and developing security detections in Sentinel and Log Analytics.
Understanding of Azure networking identity encryption and cloud governance.
Experience with IaC security for Bicep (Terraform acceptable) and DevSecOps practices.
Desirable Certifications: AZ500 SC200 SC100
Knowledge of OWASP Top 10 secure coding and secure API practices.
Strong documentation analytical and communication skills.
Familiarity with ISO 27001 ISO 22301 SOC 2 GDPR and cloud security best practices.

Who we are:

Heres what we have to offer: