Head of Azure Platform Security

- Hands-on Azure cloud security architecture and implementation knowledge, including Defender for Cloud, Policy-as-Code, RBAC, PIM, private endpoints, and secure landing zone design - Experience in cloud security with AWS considered as a plus - Network security engineering expertise: firewall policy design, micro-segmentation, NSG/UDR/NVA architecture, hub-spoke topology, and perimeter defense for hybrid environments - WAF design, deployment, and operational tuning experience with knowledge of Cloudflare or Azure Application Gateway - Proficiency in network flow log analysis and intrusion detection engineering - SIEM engineering skills: detection rule authoring (KQL, SPL), log pipeline design, alert correlation, triage workflow - Competence in endpoint and desktop security, including EDR deployment and tuning, device management with Intune/Jamf - API and application security knowledge with experience in threat modeling, OAuth 2.0/OIDC implementation, and secure SDLC integration - Familiarity with PKI, certificate lifecycle automation, identity federation, and SSO across hybrid and on-premises environments - Security automation experience using Python, PowerShell, Terraform, Bicep, or similar - Understanding of MITRE ATT&CK framework, threat hunting, and proactive gap analysis - Prior experience in cloud infrastructure, preferably Azure, with knowledge of IAM and automated deployment pipelines - (Nice to have) Experience in financial services, trading, or capital markets; familiarity with zero-trust architecture, DDoS mitigation, and regulatory frameworks like ISO 27001, SOC 2, DORA - (Nice to have) Experience with red team exercises or penetration testing programmes