Cloud Security Engineer

The Premier League

Job Location:

London - UK

Monthly Salary: Not Disclosed

Posted on: 12 hours ago

Vacancies: 1 Vacancy

Job Summary

The Premier League is seeking a Cloud Security Engineer to lead the design implementation and operation of security controls across our cloud platforms. This role is responsible for securing Azure AWS and M365 environments embedding secure-by-design principles into cloud architecture and enhancing detection and response capabilities across the estate.

Who we are

The Premier League is home to some of the most competitive and compelling football in the world. The League and its Clubs use the power and popularity of the competition to inspire fans communities and partners in the UK and across the world. The Premier League brings people together from all backgrounds. It is a competition for everyone everywhere and is available to watch in over 900 million homes in 189 countries.

We have a wide variety of responsibilities. These include organising the competition and its Handbook Book as well as managing the centralised broadcast and commercial rights. The work we do in conjunction with the Clubs also goes far beyond the 90 minutes. We support and provide a framework for youth development we protect the organisations intellectual property support the wider game and community programmes undertake international development work and liaise with governing bodies and other leagues.

The Premier League is an equal opportunities employer and strives to create an inclusive culture where talent can flourish. We believe in the potential of everyone and open our doors to those who share those values. All appointments will be made based on merit; however we particularly encourage applications from women people from minority ethnic communities LGBTQ people and disabled people.

Our hybrid-working model also allows you some variety on your place of work offering you the chance to work from home on some days each week. Where possible you will attend the office or site visits in line with our company policy. All staff liaise closely with their line manager to manage their time appropriately and according to their work and team requirements.

The role

Cloud platform security

Deploy and manage security controls across Azure AWS and Microsoft 365 environments.
Apply and maintain Azure Policy RBAC and Privileged Identity Management (PIM).
Secure cloud infrastructure using Microsoft Defender for Cloud and native platform capabilities.

Detection & response engineering

Develop and improve cloud detection use cases within Microsoft Sentinel in collaboration with XDR provider.
Integrate cloud telemetry (Azure AWS SaaS) into central monitoring.
Support the Senior IS Analyst as the incident response lead in the investigation of cloud-related incidents as a subject matter expert.

CSPM & exposure management

Own and operate all CSPM technology.
Identify and remediate cloud misconfigurations and exposure risks.
Work with Data Security to correlate infrastructure risk with data sensitivity.

DevSecOps & secure architecture

Implement security controls infrastructure-as-code pipelines.
Enforce secure configuration standards for cloud environments.
Provide cloud security advice to DevOps on projects and cloud configuration.

Tooling automation & integration

Drive automation using PowerShell CLI Bicep Terraform or equivalent.
Integrate security tooling across identity cloud and monitoring platforms.
Support integration of DSPM tooling into cloud environments and logging pipelines.

Collaboration & governance

Work closely with IT TechOps and relevant third parties to maintain secure-by-design governance.
Collaborate with Data Security on applying data protection controls within cloud platforms.
Contribute to KPIs/KRIs and continuous improvement aligned to NIST CSF / ISO 27001.

Requirements for the role

Ability to work independently and take initiative to drive outcomes.
Previous experience in cloud infrastructure engineering.
Strong experience with Microsoft Azure security tools and cloud configurations.
Experience managing Microsoft 365 security and compliance solutions.
Familiarity with AWS security principles and tooling (IAM Security Hub GuardDuty).
Demonstratable use of Microsoft Defender XDR Defender for Cloud and Orca.
Experience in scripting and automation using PowerShell CLI or infrastructure as code.
Knowledge of SIEM/SOAR solutions (Microsoft Sentinel preferred).
Experience responding to and analysing security incidents.
Working knowledge of industry standards such as NIST CSF ISO 27001 CIS Benchmarks.
Comfortable communicating with both technical and non-technical audiences.
Understanding of KPIs/KRIs in the context of cloud security monitoring.
Qualified to or studying for certifications such as:

o Microsoft Certified: Azure Security Engineer Associate (AZ-500)

o Microsoft Certified: Cybersecurity Architect (SC-100)
o AWS Security Specialty
o CompTIA Security
o GIAC Certified Cloud Security Automation (GCSA)

Our commitment to safeguarding includes implementing robust safer recruitment procedures to assess the suitability of individuals applying for roles that involve work with children and adults who are or may be at risk of harm. For further information please see our Safeguarding Policy and Safer Recruitment Guidance.

To apply please visit our careers page and apply with your CV and a cover letter. The closing date for applications is 17 May 2026.

We will remove barriers that prospective candidates might face at any stage of our recruitment process. If you have a disability and would like the advert in an alternative format or would like to talk about how we can adjust the interview process to best support you please contact

Required Experience: