Position Overview As a Cloud Security & Compliance Engineer, you will play a vital role in securing and maintaining RDT’s cloud-based infrastructure while ensuring compliance with industry standards. This position requires a strong Azure technical foundation, working alongside SREs to form part of the second line on-call team responsible for Infrastructure-related support. Your primary focus will be security, compliance, and risk management, while also contributing to incident response, identity management, automation, and compliance tracking. Key Responsibilities Security & Compliance Operations Monitor and analyse security alerts across the estate and escalations from the managed Security Operations Centre (SOC) Conduct vulnerability scans and security assessments across Azure cloud infrastructure. Ensure ISO27001, NIST CSF, GDPR, and Cyber Essentials Plus compliance. Support compliance reporting and tracking, ensuring alignment with regulatory requirements. Incident Response & Risk Management First-line security escalation for incidents, working with SREs and RDT’s managed SOC provider to remediate threats. Perform forensic analysis and post-incident reporting on security events. Maintain and update security risk registers, ensuring proper risk treatment planning. Lead or assist in root cause analysis (RCA) for security-related incidents. Azure Cloud Security & Identity Management Administer Azure Active Directory (AAD), Privileged Identity Management (PIM), and role-based access control (RBAC). Support Azure Policy and Security Baselines to maintain compliance across cloud environments. Work with SREs, Platform Engineers and Architects to optimize Azure security posture. Automation & Security Engineering Develop and maintain security automation workflows using Azure Automation, PowerShell, and Terraform. Collaborate with SREs to integrate security monitoring into CI/CD pipelines. Ensure security best practices are embedded in Azure infrastructure deployments. On-Call & Infrastructure Support Participate in the second line on-call team, responsible for Infrastructure-related support across SRE & Security teams. Assist in out-of-hours security incident response, working alongside Cloud Infrastructure Engineers and SREs. Ensure continuous monitoring of security posture and assist in post-incident remediation. Technical Skills & Requirements 3 years in IT security operations, cloud security, or compliance engineering with an Azure focus. Strong hands-on experience with Azure security technologies (Defender, Security Center, PIM, Policy). Familiarity with compliance automation tooling principles (we use Vanta). Incident response experience, including SIEM triage, forensic analysis, and remediation coordination. Proficiency in PowerShell scripting for security automation. Strong knowledge of ISO27001, NIST CSF, GDPR, and Cyber Essentials Plus frameworks. Experience working within an ITIL V4 Incident Management framework. Ability to work in an on-call rotation, ensuring 24/7 coverage for security and infrastructure incidents. Desirable Skills Azure certifications (AZ-500, AZ-104) or ISO27001 Lead Implementer certification. Experience with Terraform or Infrastructure-as-Code (IaC) for security automation. Exposure to SOC2 compliance processes and third-party security assessments. Hands-on experience in DevSecOps security integration. Hands-on experience with Threat Modelling Tools. Benefits & Opportunities Be part of a new Security & Compliance team, shaping security strategy in an Azure-centric managed service. Work alongside SREs and Cloud Infrastructure Engineers, developing a broad infrastructure coverage model. Engage in hands-on security automation, compliance tracking, and threat monitoring. Competitive salary and benefits, with certification support for career development. Collaborative Environment: Be part of a collaborative and inclusive work environment that values diversity and innovation. Company Overview RDT is a leading technology company specializing in innovative software solutions. We are committed to fostering a culture of continuous learning and growth, providing our employees with opportunities to excel and make a meaningful impact. Join us and be part of a team that is shaping the future of technology. How To Apply If you are passionate about cloud security and compliance and eager to for a forward thinking InsureTech specialist with big plans in this space, we would love to hear from you. Please email your CV and any relevant project work or portfolio to talentrdt.co.uk. We look forward to receiving your application and exploring the possibility of you joining our talented team at RDT.