The Digital organisation is strengthening its resilience across Infrastructure, Software Development and OT domains, so this role exists to deliver end-to-end security initiatives combining project management and technical delivery. The position requires strong experience in identity and access management (IAM) and security architecture, and will work with platforms such as Microsoft Defender and Entra ID / Active Directory to embed security-by-design in live services.
The mission
You will join a cross-functional Digital team to plan and deliver security projects that operationalise policy and reduce risk across on-prem and cloud estates. Projects include IAM rollouts, security tool deployments, and process changes aligned with frameworks such as NIST, CIS Controls, and ISO27001, and with attention to emerging requirements like NIS2.
On a day-to-day basis you will run project plans and coordinate stakeholders while also performing hands-on technical work: configuring and tuning security platforms, supporting incident analysis, and translating architecture choices into implementable controls. Your work will affect technology domains from infrastructure to application pipelines and OT, and you will report progress to senior Digital governance and security owners.
Your responsibilities
- Lead and deliver security projects end-to-end, producing project plans, managing scope, timing and stakeholder alignment, and ensuring agreed outcomes are met
- Design and implement technical security solutions, configuring Microsoft Defender, Entra ID / Active Directory, and IAM controls to harden environments
- Translate security policies into operational processes and controls, creating clear runbooks and workflows for operational teams
- Analyse incidents and complex security events, produce root-cause findings and recommend concrete technical and process improvements
- Advise infrastructure, software and OT teams on secure architecture choices and risk mitigations, ensuring security-by-design is applied
- Improve security posture through tooling optimisation, control tuning and follow-up on remediation actions
Your profile
Essential skills
- Senior-level experience combining security project management and hands-on system engineering across enterprise environments
- Practical expertise in identity and access management (IAM), including account lifecycle, role management and access reviews
- Operational experience with Microsoft Defender and Entra ID / Active Directory or equivalent security platform suites
- Solid understanding of security architecture, network security and controls applicable to infrastructure, applications and OT
- Familiarity with security frameworks and compliance standards such as NIST, ISO27001, and CIS Controls; knowledge of NIS2 is an advantage
- Strong stakeholder management and communication skills to translate technical risk into business-relevant actions