Job Title: Azure Code Security Specialist
Location: London / Hybrid
Employment: Contract (3 months)
Module – Hybrid -(but mainly remote with very rare travel to office)
Salary – £600 - 650/-Day Inside IR35
THE ROLE
The Azure Code Security Specialist is responsible for securing application code and cloud-native workloads across the Microsoft Azure ecosystem. This role combines deep expertise in secure software development and Azure cloud security to ensure code, pipelines and infrastructure are built with security embedded from design to deployment.
KEY RESPONSIBILITIES
Lead secure coding initiatives across Azure-based applications and microservices.
Collaborate with developers, DevOps and security teams to design, implement and maintain best-in-class security controls for Azure-hosted applications and CI/CD pipelines.
Design and enforce code security standards aligned with OWASP, CIS and Microsoft Secure Development Lifecycle (SDL).
Perform static and dynamic application security testing (SAST, DAST, SCA) using tools integrated into Azure DevOps pipelines.
Review Azure Resource Manager (ARM) templates Bicep and Terraform for misconfigurations and security risks.
Conduct threat modelling, code reviews and secure design assessments for Azure-hosted applications.
Monitor and enhance code-to-cloud visibility with Azure Security tools (Defender for Cloud, Entra ID, Sentinel).
SKILLS
Expertise in application security, cloud security, or DevSecOps, with a focus on Azure.
PROFICIENCY WITH:
* Azure DevOps, GitHub Enterprise and CI/CD pipeline security
* Azure App Services, AKS, Functions, Logic Apps and API Management
* Azure Key Vault, Managed Identities and Azure RBAC
* Static/Dynamic/Dependency Scanning tools (e.g. SonarQube, Snyk, Checkmarx, Veracode)
* Infrastructure as Code (IaC) scanning (e.g. Checkov, Prisma Cloud, Trivy)
Strong understanding of secure software design principles and OWASP Top 10 / ASVS.
Experience implementing policy-as-code and security automation (Azure Policy, Defender for DevOps).
Familiarity with azure (e.g. STRIDE, PASTA).