Lead Security Engineer
- Location: Yeovil, Somerset, England
- Salary: £50 - 80 per hour
- Category
- Sector: Aerospace and Defence
- Contract type Contract
- Consultant: Abigail Hall
M365 Security Design Engineer
6 months
Remote (occasional site visit Luton/ Yeovil/ other client sites)
Up to £80 per hour – outside IR35.
We are looking for a knowledgeable and proactive M365 Security Design Engineer to lead the design and implementation of security solutions within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture.
Key Responsibilities:
• Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint Online, OneDrive, Teams).
• Support Windows 11 and Exchange Online projects through their design and deployment stages.
• Develop and maintain security configurations and baselines in line with industry standards (e.g., NIST, CIS, ISO 27001).
• Configure and manage Microsoft Defender for Office 365 / Cloud / Endpoint / Servers, Purview (Information Protection, Data Loss Prevention), and Microsoft Entra (Azure AD) security features.
• Experience of integrating with MS Sentinel and working with existing SOC teams to adopt Sentinel technology capability.
• Experience of implementing MS Privileged Identity Management (PIM)
• Provide security input and guidance on identity and access management, conditional access policies, and zero trust architecture.
• Conduct risk assessments, gap analysis, and security impact analysis for M365 deployments and integrations.
• Collaborate with security operations and compliance teams to monitor, investigate, and remediate threats and incidents.
• Maintain up-to-date documentation and deliver training or knowledge transfer sessions to operational teams
Required Skills and Qualifications:
• Proven experience designing and securing M365 environments in enterprise settings.
• In-depth knowledge of Microsoft 365 security technologies, including Defender suite, Purview, and Entra ID.
• Strong understanding of identity, access management, and conditional access controls.
• Familiarity with regulatory and compliance frameworks such as GDPR, HIPAA, and ISO 27001.
• Proficient with Microsoft security and compliance portals, PowerShell scripting, and automation tools.
• Relevant Microsoft certifications (e.g., SC-100, SC-300, MS-500, AZ-500) are highly desirable.