Role Summary

We are seeking a Cloud Security Specialist with handson experience across Azure, M365 and preferably Google Cloud Platform (GCP). The role focuses on assessing and improving cloud security configurations and advising on best practices across Azure IaaS and GCP environments. You will bring a strong engineering background in managing compute, network and storage resources in cloud and hybrid environments, along with extensive experience of Terraform, Azure Defender, Conditional Access and DevSecOps.

Key responsibilities and deliverables

• Assess the security configuration of Azure IaaS and GCP environments (infrastructure, containers and DevOps pipelines) and provide recommendations based on industry best practice and emerging threats.

• Design, implement and manage secure Azure cloud infrastructure (e.g. virtual networks, VMs, storage, identity services) and provide cloudsecurity SME support to Cyber Incident Response when required.

• Administer and enhance Azure security across IaaS, containers (e.g. AKS) and DevOps pipelines; implement and review security controls for cloudnative applications and services.

• Review Terraformbased infrastructureascode to identify and mitigate security risks; advise on securing automated provisioning processes.

• Evaluate and optimise Azure Defender and other monitoring tools (including in GCP), assess and refine Conditional Access/IAM strategies, embed security into DevSecOps/CICD pipelines, and ensure cloud environments meet compliance and governance requirements.

• Collaborate with cloud, DevOps, Networks and development teams to align security with operational goals, and promote continuous improvement and innovation in cloud security.

Key requirements

Essential

• 5+ years experience in cloud security, with strong focus on Azure IaaS and exposure to (preferably) Google Cloud.

• Handson experience administering Azure security environments, including IaaS, containers (e.g. AKS) and DevOps pipelines.

• Strong background in administering compute, network and storage resources in cloud and hybrid environments.

• Proficiency with Terraform and infrastructureascode best practices, including the ability to review scripts for security issues.

• Extensive experience with Azure security services and tooling (e.g. Defender, Conditional Access), strong problemsolving skills, and the ability to communicate security issues clearly to technical and nontechnical stakeholders.

Desirable

• Relevant cloud/security certifications (e.g. Azure Security Engineer, Google Professional Cloud Security Engineer).

• Experience contributing cloud security expertise to incident response and investigations.

• Experience in complex or regulated enterprise environments with formal governance frameworks.

• Demonstrated ability to manage through change and drive improvements in security processes and tooling.

• Experience working in a consulting or advisory capacity, building strong relationships across crossfunctional teams.

Inclusion

Freshfields is an equal opportunities employer and all applications received by the firm will be considered on the basis of their merit alone. We welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK in the role in question and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing.

Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only if and when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case-by-case basis and take a number of relevant factors into account (e.g. the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.

Location: Manchester

Time Type: Full time