Cyber Security Engineer: Identity and Infrastructure

  • NATIONAL AUDIT OFFICE
  • Jul 31, 2025
Full time I.T. & Communications

Job Description

Why are we recruiting?

In a world where cyber challenges and opportunities are constantly evolving, we are committed to staying ahead of the curve. With new investment aimed at enhancing the NAO's security maturity, our Information Security team is expanding. This is your chance to join a dynamic organisation with clear strategic objectives and help advance our data use and embrace new technologies securely.

We're not just growing; we're evolving. As part of a forward-thinking organisation with a strong mandate to harness data and embrace cutting-edge technologies, our InfoSec team is central to enabling and securing the NAO's digital future.

We're on the lookout for passionate, curious, and collaborative security professionals across a wide range of specialisms. Whether your expertise lies in governance, engineering, threat detection, or cloud security, you'll find real scope to make an impact, both within InfoSec and across the wider organisation.

  • Be part of a diverse and expanding team that thrives on challenge and innovation.
  • Work in a complex, data-rich environment where your insights will shape national-level outcomes.
  • Help embed security into every layer of our digital transformation, from strategy to code.

This is more than a job. It's a chance to help define the future of security at the NAO and be part of a high-performing and fun team.

Context and main purpose of the job:

Why are we recruiting for this role?

Supporting the NAO's strategic objective to improve our digital and data capabilities and enabling innovation, our expanded Information Security team requires a skilled cyber security engineer with broad capabilities, dedicated to delivering new and developing existing cyber security capabilities.

The Cyber Security Engineer will lead on the development of our critical cyber security systems, tools, and processes, maintaining and improving the NAO's security posture and risk profile in support of our ambition of being an exemplar organisation.

Who are the team?

The role sits within an inclusive, diverse, respectful, and agile team of information security professionals responsible for enabling the business to better understand, identify and manage the threats and risks that could impact the NAO's ability to deliver on its vision and strategy.

What are the main responsibilities of this role?

The Cyber Security Engineer will lead on the development and optimisation of identity and authentication, secure build and infrastructure security, securing our use of endpoint technologies, and public, private and hybrid cloud technologies, across various SaaS, PaaS, and IaaS services.

The successful candidate will have an excellent knowledge of how to deliver secure-by-design and an understanding of how to develop and enhance these capabilities.

The Cyber Security Engineer will advise on, support, and implement best practice controls within the Microsoft Defender, Azure and Intune suite of security and technology management services. They will maintain currency with the evolving Microsoft security and data privacy tools available to the NAO, optimising the controls and identifying any gaps.

They will be able to communicate effectively with all levels of users, demonstrate competence, instil confidence, and deliver a high level of internal customer service. They will coach team members, helping them to develop their skills. They will also educate and advise colleagues on information security best practice.

They will be required to use their experience, initiative, research, and problem-solving skills to resolve issues and create written documentation.

The "hands-on" role requires a thorough understanding of Microsoft's Azure and Defender tools at an expert level, as well as the ability to adapt to new technologies, learn new procedures, determine the source of problems, and advise on both tactical and strategic solutions. You'll bring a proactive and security-first mindset and an ability to bridge between technical engineering and strategic security objectives.

Responsibilities:

While the role will be broad and varied the early priorities will include:

Vulnerability Management & Hardening:

  • Expand and optimise vulnerability scanning tools and processes
  • Maintain the Vulnerability Management processes and coordinate the response to vulnerability remediation
  • Oversee remediation plans and ensure secure configurations (CIS, Microsoft baselines) across all environments
  • Build and maintain secure images for endpoints, VMs, and servers (Intune, Azure)

Identity & Access Security:

  • Design, implement and maintain Conditional Access policies aligned to Zero Trust principles
  • Lead privileged identity management (PIM/PAM) efforts using Microsoft Entra and Defender tools
  • Maintain and configure password vaulting solutions for service and privileged accounts

Infrastructure & Cloud Security:

  • Harden Azure resources and services in line with industry standards (e.g., Microsoft Defender for Cloud recommendations)
  • Manage and fine-tune Web Application Firewall (WAF) configurations and network security control
  • Contribute to security architecture and secure design reviews of infrastructure projects

Testing & Assurance:

  • Support insider threat simulations and light internal red-teaming (e.g., phishing, credential testing, lateral movement)
  • Collaborate with SecOps services to tune detection rules and response playbooks

Stakeholder Engagement:

  • Evangelising information security, as an SME, across the NAO.
  • Collaborate with and build relationships with key stakeholder groups, such as Information Security and Digital Services.
  • Build strong relationships with stakeholder groups outside of the team to establish a strong understanding of the organisation and its needs.

Risk Management:

  • Proactively identify, evaluate, and assess threats and risks that may impact the NAO's ability to deliver on its vision and strategy.
  • Contribute to the management and maintenance of the Information Security Risk Register.
  • Manage and coordinate the delivery of appropriate and proportionate risk treatments in line with the NAO's risk appetite.

Continuous Improvement:

  • Maintain awareness of security industry best practice to drive continuous improvement within the organisation.
  • Identify, develop, implement, and continuously improve appropriate and proportionate cloud security controls in response to an evolving threat landscape.
  • Provide technical expertise in support of internal security designs, projects, and activities.
  • Work in collaboration with the wider Information Security and Digital Services teams in the continuous improvement of cloud controls, policies, and standards; as part of our ISO27001 certified Information Security.

Key skills/competencies required:

Essential:

  • Substantial experience in cyber security with a particular focus on infrastructure, cloud security, and identity access management.
  • Relevant professional certifications (for example, AZ-500, SC-300, CISSP, CEH, CompTIA Security+).
  • Practical experience with Microsoft Entra ID, Conditional Access, Defender for Endpoint/Cloud, and Intune.
  • Applied knowledge of configuring web application firewalls (e.g., Azure Front Door, AWS WAF, Cloudflare).
  • Experience in establishing and maintaining vulnerability management programmes and patch governance.
  • Understanding of Zero Trust Architecture and principles of identity-driven security.
  • Experience with Privileged Access Management (PAM) tools such as Entra PIM, CyberArk, BeyondTrust, or Thycotic.
  • Familiarity with password vault solutions (for example, HashiCorp Vault, KeePass, 1Password Teams).

Desirable:

  • Experience in working within, or implementing, an ISO 27001 Information Security Management System (ISMS).
  • Knowledge of scripting and automation tools and languages (e.g., PowerShell, Terraform, Python, RegEx).
  • Exposure to insider threat detection or internal penetration testing methodologies.
  • Experience working in regulated sectors or security-focused environments.