Senior Platform Engineer (Security)
Who are we?
Telana are experts in applied innovation, focused on delivering business outcomes through AI, data, software development, and cloud engineering expertise. We leverage our problem solving skills and end-to-end capabilities to help our clients create better solutions for their customers and employees.
As a top-tier partner of Google Cloud and Microsoft, the market leaders for AI, Data, and Cloud, we work with some of the world’s biggest brands and government organisations to help them solve their toughest business and operational challenges; whether that’s attracting new customers, driving operational efficiency, or improving reducing risk.
We have received impressive external recognition for its innovative offerings, best-in-class capabilities, and tangible impact for customers across various industries: Telana is recognized as a Leader for Data, Analytics, and Machine Learning in the ISG Provider™ Lens for Google Cloud Partner Ecosystem in 2024, and a Rising Star in 2022 and 2023. We are an accredited Azure Expert MSP provider, and have also been awarded Google Cloud’s 2024 EMEA Public Sector Partner of the Year award.
What will your role be?
As a Senior Platform Engineer (Security), you will be a hands-on technical engineer on customer security engagements, which you will often lead - designing, building and hardening cloud platforms with a strong focus on Microsoft Entra, M365 and Azure security. You'll work at the intersection of identity, infrastructure and security operations, turning client requirements into well-architected, standards-aligned solutions that measurably improve their security posture. You'll combine deep technical delivery with direct client contact - shaping the approach, doing the work, and bringing internal and third-party teams along with you.
What will you be doing?
- Designing, deploying and hardening secure cloud platforms across Microsoft Azure and M365, including the underlying infrastructure - landing zones, network topologies and RBAC- that security workloads depend on.
- Architecting and implementing identity and access controls in Microsoft Entra, including Conditional Access policy suites, aligned to recognised security frameworks.
- Assessing clients' cloud security posture, investigating and remediating misconfigurations, and putting automated, repeatable processes in place for ongoing assurance.
- Configuring and operating platform security tooling - Microsoft Defender (Cloud and Servers), network security such as Global Secure Access, and SIEM/SOAR via Microsoft Sentinel - and integrating equivalent GCP or AWS controls where needed.
- Automating configuration and deployment through Infrastructure as Code (Terraform / Bicep) and scripting (PowerShell / Python), using AI tooling to accelerate delivery and review.
- Working directly with clients through delivery of projects which you will often lead.
- Shaping requirements, explaining technical decisions and risk, and contributing to scoping, estimation and Statements of Work during pre-sales.
- Coordinating with internal teams (e.g. EUC/Intune) and external partners such as managed SOCs to deliver joined-up security outcomes.
This may be you:
- Client-Facing Delivery: Comfortable leading customer engagements - adapting communication for both technical teams and less-technical stakeholders, managing expectations around risk and delivery boundaries, and explaining the reasoning behind design decisions. Rather than building straight to a backlog, you interrogate the underlying problem and can constructively challenge a flawed approach to propose a stronger, standards-aligned pattern.
- Commercial & Delivery Awareness: Able to contribute to pre-sales scoping, effort estimation and Statements of Work so that what's sold is deliverable, with a working understanding of professional services delivery and an eye for scope creep. Comfortable breaking an ambiguous problem into a technical backlog and driving it to completion with minimal oversight, including coordinating with external contractors and third-party providers such as managed SOCs.
- Core Entra Expertise: Deep, practical experience with all Microsoft Entra identity solutions. The candidate must be capable of reviewing an IAM design and fully understanding the operational, architectural and delivery implications.
- Advanced Access Controls: Proven ability to design comprehensive suites of Conditional Access policies aligning to known frameworks
- Security Posture: Experience investigating and remediating misconfigurations and establishing automated processes for assessing cloud security posture. The ability to translate technical risks into business operational risks and see both tactical and strategic solutions to the findings.
- Broad Azure Foundation: A strong, cloud infrastructure background is critical to ensure the candidate can understand and deploy the underlying infrastructure required for security workloads.
- Architecture & Topology: Ability to design scalable infrastructure patterns, such as secure, multi-region landing zones and hub-spoke network topologies.
- Identity Integration: Exceptional understanding of how identity integrates with cloud infrastructure, specifically a deep knowledge of Azure RBAC.
- Microsoft Defender Suite: Hands-on experience with platform-level Defender controls, specifically Defender for Cloud and Defender for Servers. (Note: Defender for Endpoint configuration is largely managed via Intune by the EUC team, so deep expertise here is a secondary priority ).
- Network Security: Capable of implementing and managing modern network security tools, such as Global Secure Access (GSA).
- SIEM / SOAR: Hands-on experience with Microsoft Sentinel or other equivalent SIEM/SOAR tools.GCP / AWS Tools: Experience and knowledge of Google Security Command Centre or AWS Security Hub is desirable.
- Infrastructure as Code & Scripting: Proficiency in Infrastructure as Code (Terraform / Bicep / Pulumi / Ansible) and PowerShell and/or Python for automating complex configurations and system administration tasks.
- Infrastructure scanning tools: Experience with tools for identifying security findings at scale is desirable.
- AI Leverage: Experience strategically applying AI tools (like Copilot or Gemini) to accelerate the generation of IaC, analyze complex IaC deployment plans for potential issues, and improve overall team efficiency.
There are many roads leading up to being a Senior Platform Engineer (Security) . Not sure you meet 100% of our qualifications? Have an untraditional background? Our team is already a mix of self-taught and formally educated people. Don’t self-select out!
What we offer you:
- You will be a part of a skilled, inspiring, and supportive team, and work in an environment that encourages long term personal growth.
- Flexible, and trust-based work environment with a healthy work life balance.
- Our people come first. That’s why you’ll have access to private medical insurance, employee assistance programmes, group life assurance, income protection and access to a market leading benefits platform.
- Learning & development. We will support you in your growth journey and cover the costs of your role-based certifications.
- We have first hand experience that diversity encourages creativity and innovation and makes us better placed to understand a wider range of customers' needs. This means that whatever your background, you won’t find a more welcoming place to work.
- We have family friendly policies and encourage a work-life balance, including flexible working options in roles which permit it.