Salary: Up to £80,000 + benefitsLocation: Hybrid — 3 days per week in GuildfordThis is an excellent opportunity to shape and mature a growing security capability within a forward-thinking, cloud-first environment.Security & Infrastructure EngineerMy client is undergoing a major technology evolution, modernising and strengthening its hybrid cloud estate with a strong focus on security, resilience, and scalable growth. They are looking for a hands-on Security & Infrastructure Engineer to help elevate and continuously enhance their security posture across cloud, on-prem, and SaaS environments.This is a practical engineering role suited to someone who enjoys operating at pace, solving complex problems, and driving security best practice across a diverse technology landscape.Cloud & Infrastructure SecurityConfigure and support Azure security capabilities (Defender, Firewall, Policy, monitoring, backup).Implement secure cloud architecture aligned to best practice landing zone principles.Manage conditional access, patching, and hybrid infrastructure security controls.Contribute to Infrastructure-as-Code and secure CI/CD practices.Microsoft 365 & Identity SecurityStrengthen security across Microsoft 365, Entra ID, and associated services.Enhance identity governance, privileged access management, DLP, and data classification.Support Defender tooling and alert management.Threat & Vulnerability ManagementWork with SOC partners to triage and respond to alerts.Conduct vulnerability assessments and coordinate remediation efforts.Enhance endpoint protection and XDR capabilities.Security Operations & ComplianceHarden Windows Server, Active Directory, endpoints, and virtual desktop environments.Maintain logging, monitoring, and alerting coverage.Support external audits and recognised security certifications (e.g., Cyber Essentials Plus, ISO 27001, SOC 2).About You3+ years’ experience in security engineering or cyber operations.Strong hands-on Azure and Microsoft 365 security expertise.Experience with vulnerability management and endpoint protection tooling.Solid understanding of Zero Trust principles and cloud security architecture.Comfortable working cross-functionally and influencing security best practice.Relevant certifications (Microsoft Security, Azure, ISC2, CompTIA, CCSK) and experience with Infrastructure-as-Code frameworks are advantageous.