We’re looking for a Cloud Security Engineer to join the Information Security team at Elexon on a permanent basis.
In this role, you’ll be responsible for implementing and maintaining cloud security controls across Elexon and EMRS environments, ensuring our cloud platforms remain secure, compliant, and aligned with industry best practice. Working across Microsoft Azure, Oracle Cloud, Salesforce, and ServiceNow, you’ll help protect critical systems that support the GB energy market while contributing to Elexon’s ongoing ISO27001 certification and Net Zero ambitions.
This is a hands-on technical role focused on cloud security engineering, security automation, and governance across a multi-cloud estate.
What you’ll do:
Implement and maintain cloud security controls across Azure and other cloud platforms
Ensure compliance with ISO27001, GDPR, and internal security policies
Automate vulnerability remediation across SDLC, CI/CD pipelines, and cloud workloads
Manage and optimise security tooling including Microsoft Sentinel, Microsoft Purview, and Defender
Implement and automate Identity and Access Management (IAM) controls following the Principle of Least Privilege (PoLP)
Develop and maintain technical security documentation to support governance and audit activities
Collaborate with internal teams and third-party suppliers to ensure consistent security standards
Support security governance, risk management, and security operations activities
Identify opportunities to improve cloud security posture and operational efficiency
Contribute to maintaining a secure and resilient environment across Elexon and EMRS
What you’ll bring:
Minimum three years’ experience in Cloud Security
Strong knowledge of cloud infrastructure and application security
Experience implementing security controls within Microsoft Azure environments
Hands-on experience with Microsoft Defender (including Defender XDR), Sentinel, Purview, Entra ID, Intune, Azure Firewall, WAF, Network Security Groups, Key Vault, AKS, App Services, and Azure Policy
Strong understanding of Azure governance frameworks and security best practices
Experience securing CI/CD pipelines and DevSecOps environments
Knowledge of IAM, access controls, and security automation
Strong written and verbal communication skills, including technical documentation
Experience working collaboratively with technical teams, suppliers, and auditors
Experience with Oracle Cloud, Salesforce, or ServiceNow security (desirable)
Experience with Azure DevOps, Aqua Security, SonarCloud, SCCM/MECM, or Azure Arc (desirable)
Professional certifications such as CISSP, CISM, or Microsoft Azure Security certifications (desirable)
What’s in it for you:
£49,000
Excellent benefits including bonus, private medical insurance and generous pension scheme
The opportunity to work within a thriving organisation which can support your growth and development
We operate a hybrid working approach with 2 days in our London office
Our culture
We believe a diverse and inclusive culture allows innovation and creativity to flourish. We are committed to continuously improving our culture for our colleagues and stakeholders. Through our hugely successful Diversity Forum, Mental Health First Aid network and regular programme of activities and events, we celebrate difference and recognise the value of employee wellbeing, which is a consistent outcome from annual employee surveys that we conduct. Likewise, as a community, we like to support each other, and all agree Elexon is a great place to work with a great workspace too!
At Elexon, we want to:
Provide true equality of opportunity
Attract and retain diverse talent
Listen to all voices
Be representative of the communities we work in
Be a role model for Diversity and Inclusion in the industry
Elexon together, embracing differences, listening to all voices
Ready to make an impact? Join us and help shape the future of energy services.
