Platform Engineer

Company: Quorum Cyber

At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity. In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities.

Position

Role Purpose:

Deliver and support Cloud Security managed services and internal platform security. Implement and maintain security controls, governance, and compliance across cloud and on-premises environments. Contribute to secure operations, risk management, and incident response while ensuring alignment with business and regulatory requirements.

• Support the implementation of innovative and operationally effective Cloud Security services.
• Ensure services are delivered in accordance with established service levels.
• Execute operational procedures and escalate complex incidents to senior team members as required.
• Implement and support internal cloud and on-premise systems and infrastructure with appropriate security controls.
• Implement, support, and test Disaster Recovery plans and associated processes.
• Establish security baseline standards using NIST, ISO, CIS, and support compliance programs (SOC 2, ISO 27001, PCI DSS).
• Create and maintain custom Cloud policies for governance, regulatory compliance, and security.
• Support vulnerability management and remediation to maintain compliance and best practices.
• Collaborate with stakeholders on projects, backlog items, and service requests, ensuring secure system development lifecycle practices.
• Contribute to IT Security-related policies, standards, guidelines, and procedures.
• Participate in IT Security Incident Response testing and annual risk assessments.

• Experience in IT security, with emphasis on Cloud Security.
• Hands-on expertise securing and managing cloud environments (Azure, AWS, GCP).
• Knowledge of Microsoft security services (Defender suite, Sentinel, Purview, Azure AD, Endpoint Manager).
• Familiarity with DevOps security concepts and container platform security.
• Ability to use automation for Infrastructure as Code (IaC) and Policy as Code (PaC).
• Experience with CI/CD pipelines.
• Knowledge of IT Security processes: Information Protection, Vulnerability Management, System Auditing/Logging, Identity and Access Management.
• Experience managing vulnerability assessments and IT Security audits.
• Understanding of IT Security frameworks: SOC 2 Type II, PCI DSS, ISO 27001/27002.
• Working knowledge of software development practices and Secure Development Lifecycle.
• Professional certifications in security or technology domains (preferred).
• Ability to collaborate with internal teams, external customers, and vendors.
• Strong communication, documentation, and teamwork skills.
• Familiarity with Agile methodologies (Lean, Scrum, Kanban).
• Ability to prioritise, follow processes, and operate in a fast-paced environment.

• I Know I Have Done A Great Job If:
• Cloud Security services are delivered consistently to agreed service levels.
• Security controls and compliance standards are implemented and maintained effectively.
• Vulnerability management and incident response activities reduce risk and maintain compliance.
• Stakeholders and customers receive professional, clear, and effective support.
• Disaster Recovery processes are reliable and tested.
• Security policies and standards are clear, current, and aligned to frameworks.
• Risk assessments identify issues early and remediation actions are implemented.

You will get an excellent salary, with world class benefits.

As leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.