IT Security Engineer (Cloud & Identity)
Location: Cheshire (Hybrid)
Tech Stack: AWS, Cloudflare, Microsoft Entra
We are recruiting for an experienced IT Security Engineer to join a growing organisation that is strengthening its cloud-first security strategy. This role will focus on cloud and identity security across AWS, Cloudflare Zero Trust and Microsoft Entra, working closely with platform, infrastructure and engineering teams.
Key Responsibilities
* Implement security controls and guardrails within AWS using Terraform.
* Configure and support Cloudflare Zero Trust (ZTNA, Gateway, CASB/DLP, Browser Isolation, device posture, WARP, Tunnels).
* Integrate applications and services with Microsoft Entra ID for SSO, MFA, Conditional Access and PIM.
* Build identity-focused security patterns including OIDC/SAML, federation and short-lived credentials.
* Develop cloud and identity detections and route telemetry into SIEM tooling.
* Maintain automated response runbooks and incident playbooks.
* Support vulnerability remediation and help drive misconfiguration fixes.
* Contribute to security reviews, threat modelling and secure-by-default design practices.
* Provide security guidance to engineering teams and maintain relevant standards and documentation.
Skills & Experience
* Strong AWS security experience in multi-account environments.
* Hands-on experience with Cloudflare Zero Trust.
* Strong understanding of Microsoft Entra ID (Conditional Access, MFA, Identity Protection, PIM, SCIM).
* Solid understanding of Zero Trust principles.
* Experience with Terraform and Infrastructure-as-Code.
* Knowledge of cloud detection engineering, SIEM and automated response.
* Strong communication and ability to collaborate across technical teams.
Desirable
* Familiarity with ISO 27001 or Cyber Essentials.
* Scripting experience (Python, PowerShell) or Cloudflare Workers.
* AWS, Microsoft or ISC2 certifications.
Why Apply
* Opportunity to influence and shape cloud security direction.
* Modern cloud-first environment with strong technical investment.
* Hybrid/remote working flexibility.
* Engaging role with real autonomy and scope.