Job Specifications
Company Description
About Sibylline
Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high-profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees to build their own personal profiles as well-regarded analysts within the broader industry.
Key attributes of Sibylline employees are:
Self-motivated, and auto-improving individuals who can couple initiative and boldness with good judgement
Excellent written and spoken English
Clarity of thought and analytical flair
Strong, demonstrable interest in security and intelligence
The ability to work under pressure, demonstrate leadership when required but also be able to collaborate effectively in teams
Excellent attention to detail
Job Description
About the role
We are looking for a Cloud Security and Integrations Engineer with expertise in Microsoft 365 security, cloud integration, and identity management to join our rapidly growing company. You will play a pivotal role in safeguarding our organisation's cloud infrastructure, maintaining robust security configurations, and enabling seamless integration between our various systems.
You will also be monitoring and enhancing our Microsoft 365 security posture, managing cloud-based identity solutions, and implementing secure system integrations, whilst working closely with stakeholders throughout Sibylline and with external partners. You will collaborate with the Microsoft 365 Architect and other teams across the company to implement robust security measures, design and deploy automated processes, and establish secure integrations with third-party applications.
Additionally, you will be supporting incident response activities, contributing to compliance efforts, and driving security awareness across the organisation. This position requires a security-focused mindset with particular emphasis on cloud security best practices and zero-trust principles.
Responsibilities
Monitor, assess, and enhance Microsoft 365 security configurations across the entire tenant - Including, but not limited to, Azure, Defender, Entra, Intune, and 3rd party software
Support the Microsoft 365 Architect with research and implementation of cloud systems
Implement and manage data loss prevention (DLP) policies, sensitivity labels, and advanced threat protection measures
Conduct regular security assessments of Microsoft 365 environment to identify and remediate potential security gaps
Design and implement Conditional Access policies that seek to harden security standards while maintaining staff accessibility
Evaluate, integrate, and onboard 3rd party software with appropriate security policies and SSO configuration
Conduct periodic reviews of 3rd party software integrated with Microsoft 365
Develop and maintain secure integrations and automated workflows between Microsoft 365 and other business-critical applications
Implement security controls for data flows between integrated systems
Provide weekly updates to the Director of Tech and the wider team regarding recent security incidents, or any new vulnerabilities that need to be addressed
Monitor security logs and alerts from Microsoft 365 Defender suite and track remediation of identified security issues
Create regular security reports for technical and non-technical stakeholders
Conduct and support internal audit efforts related to ISO-27001, Cyber Essentials, regular security audits of cloud configurations and any other relevant frameworks
Develop and maintain security policies and procedures for cloud environments
Respond to and investigate security incidents related to cloud environments and M365 and develop incident response playbooks for common cloud security scenarios.
Requirements
Minimum 3 years of experience in cloud security, with specific focus on Microsoft 365 security and administration
Relevant certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft 365 Certified: Security Administrator Associate, or similar certifications
Demonstrated expertise in Azure Active Directory/Entra ID, Single Sign-On (SSO) implementation, and identity management
Strong experience configuring and managing Microsoft Defender for Office 365, Defender for Endpoint, and other M365 security components
Experience with Conditional Access policies and implementing zero-trust security principles
Hands-on experience integrating Microsoft 365 with third-party applications and implementing appropriate security controls
Experience with Microsoft Intune for device management and security
Understanding of data protection regulations and compliance requirements (particularly ISO-27001 and Cyber Essentials)
Experience monitoring and responding to security alerts and incidents
Knowledge of cloud security best practices and frameworks
Ability to communicate security concepts effectively to both technical and non-technical audiences
Strong analytical and problem-solving skills
Experience with audit and compliance initiatives.
Nice to have
Additional certifications such as Certified Information Systems Security Professional (CISSP), Microsoft Certified: Azure Security Engineer Associate, or Certified Cloud Security Professional (CCSP)
Experience with cloud security posture management tools
Knowledge of secure API integration principles
Experience with cloud-based SIEM solutions, particularly Microsoft Sentinel.
Additional Information
Interview Process
Initial call with our Talent Acquisition team member
Interview with the hiring manager
Panel interview with some of the team members and hiring managers at Sibylline
Research indicates that certain groups are less likely to apply for a position unless they meet every single requirement. If you feel you meet some of the requirements and can offer a unique perspective to this role, we strongly encourage you to apply—you might be the perfect fit we're looking for!
Sibylline is committed to the recruitment and selection of candidates without regard for sexual orientation, gender, ethnicity, age, political beliefs, culture and lifestyle. We are committed to fostering a business culture that reflects these values and promotes equal opportunity.
About the Company
Sibylline is a leading strategic risk consultancy delivering timely, accurate, relevant and actionable intelligence; tailored to increase organizational resilience and decision advantage.
Since 2010 we have supported businesses, governments and NGOs through the provision of high quality risk analysis and due diligence services. We do not believe in one-size-fits-all solutions. Instead, our global source network, professional intelligence analysis processes and specialist expertise allows us to produce high-quality, insightf...
Know more