Cyber Security Helpdesk Technician

Workflo Solutions is a leading Scottish provider of outsourced IT, managed print, digitisation, and communication technology. We are dedicated to delivering high‑quality technical support and IT solutions to a diverse range of clients. We pride ourselves on our commitment to excellent customer service, rapid issue resolution, and our proactive approach to IT management. We are an ambitious and growing MSP, focussed on our cyber security journey. As we build our offerings and mature our service delivery, we need someone who can take the lead on security while also being hands‑on with helpdesk duties. You’ll help define our security posture, take ownership of core Microsoft security technologies, respond to threats, and support clients with strong service and technical expertise.

We are looking for a skilled, proactive individual to be our Security Lead / Helpdesk Technician. You’ll split your time between: setting up, maintaining, and enhancing security systems for us and our clients; working on general helpdesk tasks: supporting users, troubleshooting, ensuring high‑quality service.

• Implement Microsoft Defender (for Endpoint, Email, Cloud Apps, etc.), ensuring configurations follow current best‑practice security standards.
• Set up Conditional Access policies, Identity Protection, Privileged Identity Management, multi‑factor authentication etc., enforcing least‑privilege access.
• Implement and manage Microsoft Entra ID (formerly Azure AD) and Mobile Device Management (MDM) tools such as Microsoft Intune or equivalent.
• Configure alerts, dashboards and reports to monitor risks, events, and anomalous activity.
• Act as first line for remedial actions when detections occur: incident triage, assessment, containment, resolution or escalation.
• Liaise with external partners including penetration testers, auditors, and third‑party security vendors to ensure findings are addressed swiftly and clients remain protected.
• Assist with helpdesk support: user issues, device support, software/hardware troubleshooting, patch management, onboarding/offboarding.
• Maintain documentation of security policies and procedures, maintain awareness of regulatory and compliance requirements.
• Keep up‑to‑date with security threats, vulnerabilities, and relevant Microsoft product updates; propose improvements and help mature security processes.

• Proven experience working in a helpdesk / IT support environment AND specific experience with Microsoft security technologies.
• Deep knowledge and hands‑on experience with Microsoft Defender, including configuration of Endpoint protection, EDR, threat investigation and remediation.
• Strong experience implementing and managing Entra ID / Azure Active Directory, especially around identity & access management, Conditional Access, MFA, RBAC.
• Experience with Mobile Device Management (MDM), preferably Microsoft Intune, including device enrolment, device compliance, policy enforcement, etc.
• Skills in setting up logging, alerting and reporting on security‑relevant events (e.g. using Microsoft Defender, Entra/Azure AD logs, Sentinel SIEM or similar).
• Ability to respond to detections: triage, remediate, escalation, communicate clearly with both technical and non‑technical stakeholders.
• Good communication skills: able to work with external security partners (penetration testers, auditors), and translate technical threats and findings into understandable terms.
• A mindset of continuous improvement: always learning, staying current with threat landscape, Microsoft’s evolving security tools & best practices.
• Microsoft certification(s) for security products: e.g., Microsoft Certified: Security, Compliance, and Identity Fundamentals / Associate / Expert, or relevant security‑oriented Microsoft credentials. Additional security certifications are a plus.

• Experience with SIEM tools or Microsoft’s newer unified XDR capabilities.
• Understanding of regulatory / compliance frameworks: ISO 27001, Cyber Essentials, GDPR, etc.
• Scripting or automation skills (PowerShell, Microsoft Graph API or similar) to help with reporting, configuration drift, remediation.
• Familiarity with vulnerability management: scanning, remediation, risk assessment.
• Experience with incident response or working in an SOC‑style setup.

Competitive salary (depending on experience). Funded and supported training & professional development opportunities including certifications. A chance to influence and build a security practice from early stages. This is an opportunity for someone to build a successful career with no ceiling, backed by one of the fastest growing MSPs in Scotland.

Job Type: Full‑time

• Company pension
• Employee discount
• Gym membership
• Private medical insurance