Azure Cloud Engineer

Tesco Mobile is the UK’s largest virtual mobile network — powered by O2 and backed by the strength of Tesco. We’re known for doing things differently: award‑winning customer satisfaction, a collaborative culture, and innovative digital experiences for over five million customers.

As an Azure Cloud Engineer within the Run & Operate Chapter, you’ll join our DevSecOps Squad, working alongside DevOps engineers, platform specialists, and the Cyber Security Team. Your mission: to secure and optimise our cloud platforms across Azure and AWS, embedding robust security practices into everything we build and operate.

This is a hands-on role where you’ll define cloud security standards, drive improvements, validate infrastructure changes, and strengthen our detection and response capabilities. Your work will directly influence how we protect our services, customers, and engineering systems.

You will be responsible for

You will play a key role in securing and maturing Tesco Mobile’s cloud environments (Azure and AWS):

• Define, maintain, and evolve cloud infrastructure security standards across AWS and Azure
• Act as a subject-matter expert on cloud and infrastructure security
• Lead and deliver cloud security improvement initiatives and posture management work

Operational Cloud Security

• Use services like Azure Security Center/Security Hub and AWS Security Hub to monitor and enhance posture
• Identify threats, risks, and misconfigurations — and implement effective mitigation strategies
• Validate infrastructure changes to ensure they meet security and compliance requirements

Collaboration & Strategy

• Work closely with the Cyber Security Team to align on strategy, controls, and company-wide initiatives
• Communicate risk and security improvements in a clear, business-focused way
• Support containerised environments and cloud-native workloads where relevant

You will need

• Proven experience in cloud security operations with Azure
• Desirable but not essential: Experience in cloud security operations with AWS
• Hands-on experience with cloud security monitoring and posture management tools
  • e.g., Azure Security Center, Azure Defender, AWS Security Hub
• Strong understanding of cloud governance, threat identification, and risk mitigation
• Experience integrating security controls into CI/CD pipelines
• Infrastructure as Code expertise (Terraform preferred)
• Logging/SIEM experience (e.g., Splunk, Sentinel, CloudWatch Logs)
• Automation skills using PowerShell, Azure CLI, AWS CLI, and/or Python
• Understanding of SAST, secure coding, and DevSecOps practices
• Collaborative mindset and eagerness to learn

Nice to have

• GitHub & GitHub Actions
• Experience with both AWS and Azure
• Exposure to Docker, Kubernetes, or cloud container security
• Experience creating dashboards, log ingestion or data streams in Splunk
•