Azure DevSecOps Consultant – Information Security
Location: Ipswich, Suffolk Onsite/Hybrid (UK – 3 days per week in office). Candidates must live a commutable distance from Ipswich.


We are partnered with a major enterprise undergoing significant cloud-security transformation, and we’re seeking an experienced Azure DevSecOps Consultant to join their Information Security function. This is a pivotal, hands-on role focused on designing, implementing, and automating secure-by-design cloud practices across Azure environments and CI/CD pipelines.
You’ll work closely with cloud architects, engineering teams and security governance stakeholders to embed security from code to cloud—improving posture, strengthening controls, and driving automation at scale.


Responsibilities:
*Designing and implementing secure Azure architectures and cloud controls.
*Building and maintaining CI/CD pipelines in Azure DevOps with integrated security scanning and automated testing.
*Acting as a subject matter expert for DevSecOps and Cloud Security across security, development, and operations teams.
*Implementing automated cloud control validation aligned to internal and industry frameworks.
*Leading the adoption of Policy as Code principles.
*Integrating security tooling (SAST, DAST, SCA, secret scanning) into the DevOps toolchain.
*Creating documentation, SOPs, and guidance to support secure development and cloud practices.
*Translating complex technical risks into clear business-level impacts.


Required Skills & Experience:
*5+ years’ experience in cloud security with a strong focus on Microsoft Azure.
*Proven background designing secure Azure environments and controls.
*Strong expertise with Azure DevOps (Repos, Pipelines, Artifacts, Boards).
*Hands-on experience building CI/CD pipelines with integrated security gates.
*Solid understanding of Azure security services (Defender for Cloud, Sentinel, Azure Policy).
*Strong IAM and privileged access experience (Conditional Access, PIM, MFA).