risk assessments on AI use cases, focusing on model behaviour, data governance, and user interaction. Collaborate on the development of model cards, risk registers, and post-market monitoring plans. MicrosoftPurview Integration: Use MicrosoftPurview to implement and manage: Data classification and sensitivity labels Data loss prevention (DLP) policies Information protection and access controls … on risk mitigation strategies and onboarding documentation. Security & DevSecOps Integration: Integrate AI security controls into CI/CD pipelines and MLOps workflows. Use tools such as Azure Key Vault, Microsoft Entra ID, and GitHub Actions for secure deployment and access management. Monitor AI systems using Azure Monitor, Log Analytics, and Application Insights. Policy Implementation & Regulatory Alignment: Translate regulatory requirements … AI Security & Compliance Engineer will have experience in: Strong technical background in AI/ML systems, with experience embedding security and compliance into product design. Expert-level knowledge of MicrosoftPurview for data governance, classification, and compliance. Familiarity with AI governance frameworks (e.g., NIST AI RMF, ISO/IEC 42001, Microsoft Responsible AI Standard). AzureMore ❯
Proven experience working as security engineer on large scale programmes in the Cyber Security Portfolio largely on Identity based security, Data classification and Cyber Security Resilience. Implementation knowledge of Microsoft Entra ID features like application integration, provisioning, MFA, SSPR and Conditional Access policies. Prior experience deploying Data classification using MicrosoftPurview for a large enterprise. Experience … Ability to perform basic Active directory administration tasks for project work such as user, group and Group policy updates. Essential Technical Skills & Qualifications Experience of the M365 security stack : MicrosoftPurview, Microsoft Entra ID, Device management using Intune, Identity Governance. Cloud Security (Tenable, CyberArk, MDR,VPN) Knowledge of best practices and procedures related to Cyber Essentials More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Invitise Ltd
hybrid working with an expectation to be in the office 3 days per week. Youll be joining a technical team focused on strengthening cloud security and ensuring compliance across MicrosoftAzure environments. This role will involve hands-on security engineering, working closely with infrastructure and DevOps teams, and supporting the adoption of Microsofts security toolset across the organisation. You … will need proven experience with: Securing Azure environments in line with best practices - essential Microsoft Defender (Cloud, Endpoint, 365) - essential Sentinel - essential MicrosoftPurview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks … PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500/SC-400/SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Security engineer, M365 Consultant, M365 Engineer, Senior Cloud Security Engineer, Infrastructure More ❯
City of London, Clerkenwell, Greater London, United Kingdom Hybrid / WFH Options
Morson Talent
evidence, manage ONR requirements, and ensure ongoing alignment with NCSC and NPSA guidance Cloud Security Architecture: Secure and optimise Azure and M365 environments across IaaS, PaaS, and SaaS services Microsoft Security Stack: Deliver and support enterprise use of Defender, Purview, Sentinel (KQL, Logic Apps), Entra ID (IAM, PIM), DLP, AIP, and MCAS Security Programme Delivery: Lead and … and Cyber Essentials+ Third-Party Risk: Conduct security reviews of suppliers and partners, validating controls against contractual and regulatory requirements Stakeholder Engagement: Work across internal and external stakeholders (including Microsoft, Google, partners, and alliances), providing clear reporting and advice to senior management and regulatory bodies Health Checks and Testing: Scope and coordinate ITHC (IT Health Checks) and vulnerability management … experience in assurance, GRC, and cloud security Proven leadership in delivering gap analysis, audit evidence, and certification programmes (e.g. ISO 27001, NIST CSF, Cyber Essentials+) Strong technical background in Microsoft Security Stack and cloud security architecture Familiarity with risk assessment methodologies (ISO27005, NIST) Excellent communication, presentation, and stakeholder management skills Confident operating within regulated environments and engaging with regulators More ❯