Overview

Cyber Security Specialist (Security Engineer – SaaS, Cloud & Infrastructure Security). This role offers the chance to build security operations from the ground up while working closely with IT Operations, IT Development, and our external MSP (Softcat) to embed cyber security across the organisation.

What you’ll be doing

This role includes hands-on security tooling, detection, governance, and incident response across the organisation.

• Define and tune alerting thresholds.
• Create and maintain incident playbooks.
• Handle and coordinate incident response for detected threats.
• Deploy and optimise Microsoft XDR/Defender policies for endpoints and identities.
• Roll out and manage Microsoft Purview DLP within M365.
• Establish escalation paths and document security workflows.

Security Tooling & Detection

• Configure and mature Datadog SIEM: define alerting thresholds, create and maintain incident playbooks, and manage incident response for detected threats.
• Deploy and optimise Microsoft XDR/Defender policies for endpoints and identities.
• Roll out and manage Microsoft Purview DLP within M365.
• Establish escalation paths and document security workflows.

Identity, Access & SaaS Security

• Administer Enterprise Applications in Entra IDP, including SSO, SAML, and OAuth integrations.
• Manage App Registrations, ensuring secure API permissions.
• Review and enforce RBAC across Azure, AWS, and SaaS platforms.
• Ensure SaaS platform user records are accurate in Snipe-IT, coordinating with IT Operations and HR processes.
• Perform periodic access reviews of SaaS tools and integrations.
• Work with IT Services engineers to ensure SOC2-compliant onboarding and offboarding processes are followed for all users and systems.

Infrastructure & Network Security

• Collaborate with Softcat (our MSP) on Cisco Meraki firewall, Cloudflare VPN, and VLAN security policies, ensuring changes meet security requirements.
• Deploy and maintain NetBox as the authoritative IP address management (IPAM) system.
• Build IP lifecycle processes (allocation, retirement, documentation, reporting).
• Integrate NetBox with SIEM and automation tooling to ensure visibility and compliance.

Governance, Reporting & Continuous Improvement

• Improve and maintain the organisation’s Microsoft Secure Score, addressing identified weaknesses and tracking improvements.
• Produce weekly security overview reports covering alerts, incidents, SaaS changes, and current security posture.
• Deliver monthly improvement reports, highlighting progress, risks addressed, and roadmap priorities.
• Maintain clear documentation of security processes, policies, and configurations.
• Partner with IT Operations, IT Development, and external MSPs to embed security into daily workflows and projects.

What you’ll bring

• Hands-on experience with Datadog SIEM (alerting, thresholds, playbooks, incident response).
• Knowledge of Microsoft XDR/Defender, Purview DLP (M365), and Secure Score.
• Experience with Entra IDP, SSO/SAML, and Enterprise App management.
• Familiarity with Azure and AWS security principles (IAM, RBAC, guardrails).
• Ability to work effectively with an external MSP (Softcat) to influence and oversee secure network changes.
• Experience with or strong interest in NetBox or other IPAM tooling.
• Experience with SaaS asset/user management tools (Snipe-IT a plus).
• Strong reporting and communication skills for both technical and non-technical audiences.

The great stuff

• Experience collaborating with cross-functional teams (Ops, Dev, HR, Finance).
• Knowledge of compliance frameworks (SOC2, PCI-DSS, ISO 27001, GDPR).
• Familiarity with automation and APIs for integrating security tools.
• Comfortable working in a greenfield security environment where processes and tooling are still maturing.

Nice to have

• Microsoft SC-200 (Security Operations Analyst)
• Microsoft SC-300 (Identity & Access Administrator)
• Azure Security Engineer Associate (AZ-500)
• WS Security Specialty
• CompTIA Security+ or CISSP

Perks of the job

• A modern, energetic, dynamic, and sociable office based in London\'s Shoreditch.
• The opportunity to build security operations from the ground up.
• Ownership of Microsoft Secure Score improvements as a visible measure of success
• Exposure to a diverse stack across cloud, SaaS, and infrastructure.
• Support for training and professional certifications.
• Competitive salary.
• 25 days holiday – Additional 1 day for each completed calendar year capped at 30 days.
• 8% employer pension contribution.
• Life Assurance – 3 x your annual salary
• Early Finish Fridays every week.
• Everyday Benefits – including Cycle to Work scheme, discounted Gym Memberships
• Eyecare Vouchers

Who are we?

BrandAlley is the go-to destination for designer brands at fantastic, exclusive prices. We’re a members-only site home to hundreds of some of the best high-profile labels in fashion, beauty and home. We stock an extensive selection of previous and current season stock at up to 90% off the RRP, from Vivienne Westwood and Alexander McQueen to Molton Brown and Philip Kingsley. With new brands launching every week, our flash sales are exclusive and filled with highly in-demand pieces that mean time is of the essence! For an instant luxury hit, our members can also shop in our permanent designer treasure trove – the Outlet – where everything is available for immediate dispatch.

We understand that privacy and the security of your personal information is extremely important. BrandAlley UK Ltd collects, processes, and ensures the security of all personal data that we gather in accordance with data protection laws.

BrandAlley UK Ltd are proud to be an equal opportunities employer who provide equal employment opportunity regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation.

London, England, United Kingdom 2 months ago