Azure DevSecOps Consultant

Azure DevSecOps Consultant – Information Security

Location: Ipswich, Suffolk Onsite/Hybrid (UK – 3 days per week in office). Candidates must live a commutable distance from Ipswich.

We are partnered with a major enterprise undergoing significant cloud-security transformation, and we're seeking an experienced Azure DevSecOps Consultant to join their Information Security function. This is a pivotal, hands-on role focused on designing, implementing, and automating secure-by-design cloud practices across Azure environments and CI/CD pipelines.

You’ll work closely with cloud architects, engineering teams and security governance stakeholders to embed security from code to cloud—improving posture, strengthening controls, and driving automation at scale.

Responsibilities:

• Designing and implementing secure Azure architectures and cloud controls.
• Building and maintaining CI/CD pipelines in Azure DevOps with integrated security scanning and automated testing.
• Acting as a subject matter expert for DevSecOps and Cloud Security across security, development, and operations teams.
• Implementing automated cloud control validation aligned to internal and industry frameworks.
• Leading the adoption of Policy as Code principles.
• Integrating security tooling (SAST, DAST, SCA, secret scanning) into the DevOps toolchain.
• Creating documentation, SOPs, and guidance to support secure development and cloud practices.
• Translating complex technical risks into clear business-level impacts.

Required Skills & Experience:

• 5+ years’ experience in cloud security with a strong focus on Microsoft Azure.
• Proven background designing secure Azure environments and controls.
• Strong expertise with Azure DevOps (Repos, Pipelines, Artifacts, Boards).
• Hands-on experience building CI/CD pipelines with integrated security gates.
• Solid understanding of Azure security services (Defender for Cloud, Sentinel, Azure Policy).
• Strong IAM and privileged access experience (Conditional Access, PIM, MFA).