
Microsoft Cloud Security Architect Lead

Job in Reigate, Surrey County, RH2, England, UK
Listing for: Willis Towers Watson
Full Time position
Listed on 2025-12-22
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Cloud Computing, Systems Engineer

Job Description

We are seeking a visionary Lead Microsoft Cloud Security Architect to join WTW's Global Information and Cyber Security Defence (ICSD) function. This role is pivotal in designing and implementing next‑generation cloud security architectures, securing WTW cloud environments, and driving automation and intelligence within Cyber Defense Security Platforms & SOC Engineering. This is a hybrid role based at the London office, with a minimum requirement of 1 day a week or based on business demand.

The Role:

The ideal candidate will have deep expertise in Microsoft Security and Sentinel, with a strong emphasis on:

  • Agentic AI for Security: Leading the adoption and integration of agentic AI to enable autonomous threat detection, adaptive response, and continuous security posture improvement.
  • Sentinel Data Lake: Leveraging Sentinel Data Lake not only for advanced analytics and threat detection, but also to optimize cost and drive the capabilities of Agentic AI for Security.
  • Microsoft Sentinel Model Context Protocol (MCP): Utilising MCP for advanced context‑aware analytics, automation, and to enhance the effectiveness of AI‑driven security operations.
  • Microsoft Sentinel Graph: Integrating and automating security workflows using Sentinel Graph for unified threat intelligence, incident correlation, and automated response.

Key Responsibilities:
  • Agentic AI for Security & Sentinel Advanced Capabilities
    • Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement.
    • Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol (MCP) for advanced context‑aware analytics and automation.
    • Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large‑scale threat detection, incident response, and threat hunting, while optimising cost and enabling Agentic AI‑driven security operations.
    • Integrate and automate security workflows using Microsoft Sentinel Graph for unified threat intelligence, incident correlation, and automated response.
  • Microsoft Cloud Security Architecture & Strategy
    • Design and implement Microsoft Cloud Security Architectures for Azure, Microsoft, AWS, OCI and hybrid cloud environments.
    • Ensure Defender XDR and Defender for Cloud are optimised for advanced threat detection and response.
    • Develop enterprise‑wide security frameworks and standards to align with industry best practices (NIST, ISO 27001, CIS, GDPR, etc.).
    • Assess and improve cloud security postures using CSPM and CWPP tools.
  • Defender XDR & Wiz Cloud
    • Design and help optimise Microsoft Defender XDR (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365) for holistic security coverage.
    • Advise on the design and rollout of Wiz Defend, Wiz Runtime Sensor, Wiz Code, Defender solutions, Sentinel Data Lake, and SOAR automation to enhance threat detection and response.
  • Identity Security & Conditional Access
    • Design and enforce Identity Security policies, including Azure AD Conditional Access, MFA, and Identity Protection.
    • Advise on implementation of Privileged Identity Management (PIM) and Just‑in‑Time (JIT) access controls to mitigate identity‑based attacks.
    • Identify compromise threats using Microsoft Defender for Identity and Sentinel UEBA.
  • Email Security
    • Advise on best practices for email security.
    • Automate email security response actions using SOAR and Defender for Office 365.
  • Security Automation
    • Develop security automation workflows using Microsoft Sentinel playbooks, Logic Apps, and Power Automate.
    • Document security architectures, integrations, and automation processes in runbooks, SOPs, and technical guidelines.
    • Establish security governance frameworks to ensure compliance and risk management alignment.
  • Collaboration & Continuous Improvement
    • Work closely with GSOC, Threat Hunting, Insider Threats, Threat Intelligence and ICSD Change teams to align cloud security strategies with business needs.
    • Stay up to date with emerging threats, Microsoft security innovations, and industry trends to drive…