Job Description
Azure DevSecOps Consultant – Information Security
Location: Ipswich, Suffolk Onsite/Hybrid (UK – 3 days per week in office). Candidates must live a commutable distance from Ipswich.
We are partnered with a major enterprise undergoing significant cloud-security transformation, and we're seeking an experienced Azure DevSecOps Consultant to join their Information Security function. This is a pivotal, hands-on role focused on designing, implementing, and automating secure-by-design cloud practices across Azure environments and CI/CD pipelines.
You’ll work closely with cloud architects, engineering teams and security governance stakeholders to embed security from code to cloud—improving posture, strengthening controls, and driving automation at scale.
Responsibilities:
* Designing and implementing secure Azure architectures and cloud controls.
* Building and maintaining CI/CD pipelines in Azure DevOps with integrated security scanning and automated testing.
* Acting as a subject matter expert for DevSecOps and Cloud Security across security, development, and operations teams.
* Implementing automated cloud control validation aligned to internal and industry frameworks.
* Leading the adoption of Policy as Code principles.
* Integrating security tooling (SAST, DAST, SCA, secret scanning) into the DevOps toolchain.
* Creating documentation, SOPs, and guidance to support secure development and cloud practices.
* Translating complex technical risks into clear business-level impacts.
Required Skills & Experience:
* 5+ years’ experience in cloud security with a strong focus on Microsoft Azure.
* Proven background designing secure Azure environments and controls.
* Strong expertise with Azure DevOps (Repos, Pipelines, Artifacts, Boards).
* Hands-on experience building CI/CD pipelines with integrated security gates.
* Solid understanding of Azure security services (Defender for Cloud, Sentinel, Azure Policy).
* Strong IAM and privileged access experience (Conditional Access, PIM, MFA).