Azure jobs in Newcastle upon Tyne

CYBER SECURITY ENGINEER

Nova Blue Technologies | Full-Time | Remote (UK)

Pay From £60,000 per year

About Nova Blue

Nova Blue Technologies is a UK managed security services provider founded by people with a background in defence and national security. Our leadership team brings 50+ years of collective experience defending organisations at the highest levels of government, and we bring that same standard to businesses of every size.

We already have a strong technical core in place. What we are looking for now is a technical leader to own the vision for an established, scaling technology portfolio and take it to the next level as we move into our next phase of growth. You will set direction, own outcomes, and shape how our security delivery scales.

Relentless innovation is one of our core values. We are always looking for ways to sharpen our services and bring new ideas to market, and this role is central to that ambition.

We have strong market traction and a customer base that keeps expanding, with significant opportunities ahead across the UK, Europe, and Canada. We are looking for someone genuinely motivated to be part of that growth story.

The Role

You will own the detection and automation behind two of our core services: MIDAS, our flagship Microsoft 365 managed security service, and ATLAS, our Sentinel-based SIEM and SOAR service. A strong foundation is already built. Your job is to take it further.

The role rests on two equal pillars.

Pillar 1: Customer Sentinel and detection. You will run regular Sentinel deployments: meeting customers, working out what they actually need, and iterating towards a solve. We manage our use case libraries in sprints, so you have the room to do the job properly. Detection is not about generating more alerts. It is about orchestrating them well, killing false positives and automating response so on-call analysts are only paged when a human is genuinely needed.

Pillar 2: Internal automation at scale. You will own the PowerShell and Microsoft Azure automation that rolls out proactive security configurations and CIS baselines across customer tenants. Harden once, apply everywhere. The better this works, the lighter the alert load downstream and the more time the whole team gets back. There is plenty of room to push it further, including with AI and MCP-based tooling.

These two pillars feed each other, and you will shape how they come together as we scale, extending the framework beyond Microsoft 365 and Azure when the time is right.

You will report to the COO and work in concert with the managed services team lead. You will spend real time with customers and within their change management processes, because we care about doing things the right way and communicating clearly. Above all, this role keeps customers from getting breached. That is the point.

This is a single contributor role within a matrix team: you own the technology, not a line-management chain. As we grow, the team may grow with it, and if you do a great job and show leadership potential, you could be the person who ends up leading it. We are a small company, so people wear many hats, and a multidisciplinary interest in how a startup runs, including product management and service delivery, will be a real asset.

What You’ll Do

• Run regular customer Sentinel deployments: gather requirements, build use cases, and iterate towards a solve
• Orchestrate alerts and automation so on-call analysts are paged only when it truly matters
• Own and evolve the PowerShell and Azure automation that deploys security configurations and CIS baselines at scale
• Work with service delivery owners to turn baseline improvements into automated, repeatable controls
• Deliver scoped security configuration work across the Microsoft 365 stack (Defender, Entra, Intune, Purview)
• Write clear SOPs so good work becomes repeatable
• Act as the technical subject matter expert in customer conversations

What We’re Looking For

Must-have

• Hands-on Microsoft Sentinel experience: writing KQL, building analytics rules, and deploying automation
• PowerShell scripting for real automation, not just one-liners
• Working knowledge of the Microsoft 365 security stack (Defender for Endpoint, Entra ID, Intune)
• Source control as a professional discipline
• A root-cause mindset: you chase the cause, not just the symptom
• Innovation, curiosity, and agility: you look for better ways to do things, and you are in it for the ride
• Strong customer-facing communication skills
• Right to work in the UK

Strong preference

• MDR or SOC engineering background
• Microsoft Azure automation experience
• Experience deploying security baselines or configuration management at scale (CIS or similar)
• Intermediate-to-advanced KQL (enrichment, correlation, custom workbooks)
• Experience in an MSSP or multi-tenant environment

Good to have

• Familiarity with MITRE ATT&CK as a detection framework
• Interest or experience in applying AI and MCP-based tooling to automation
• Experience with threat intelligence and automated IOC tooling such as STIX and OpenCTI, including judging feed quality and value for money
• Awareness of UK public sector or MOD supply chain security requirements
• A multidisciplinary interest in startup functions such as product management and service delivery
• A second spoken and written language, German especially

What Good Looks Like

After 3 months, you are running Sentinel deployments end to end, and you own the automation framework without hand-holding. You can diagnose why something is not firing as expected, and you have already improved at least one thing nobody asked you to.

After 6 months, you are setting direction across both pillars. Your automation is hardening tenants at scale, your detections are tuned so the on-call team is paged only when it matters, and customers trust you. You are the person the team turns to when something needs to scale cleanly.

Flexibility & Work/Life Balance

We are a genuinely flexible organisation on remote work and flexitime. Outside of scheduled customer commitments, your day is yours to plan. No hours of dull meetings, no commute. That makes us a great fit for new parents, people with family commitments, or anyone after a better work/life balance in a hectic world.

Getting in Early

We anticipate launching an Employee Share Ownership Plan (ESOP) within the next year. This role will be eligible to participate once the scheme is finalised, with consideration given to length of service. For the right person, this is a real chance to get in early on our growth story.

Working Arrangements

• Fully remote, UK-based
• DBS screening is required for this role
• SC clearance (or eligibility for it) is an asset

A Note on Culture

We are a few years old, close-knit, and growing fast. Everyone here carries weight, and everyone enjoys the work. We learn by doing and we solve real problems for clients who depend on us. If that sounds like your kind of place, you will fit right in. If you need a slow, highly structured environment, we are probably not the right fit.

Benefits

• Company pension
• Flexitime
• Work from home
• Eligibility for our anticipated Employee Share Ownership Plan (ESOP), expected within the next year, with consideration given to length of service

Requirements

• Languages: English (required); German or another second language an asset
• Work authorisation: United Kingdom (required)
• Screening: DBS required; SC clearance or eligibility an asset

Work Location: Remote (UK)

Pay: From £60,000.00 per year

Benefits:

• Company pension
• Employee stock ownership plan
• Flexitime
• Work from home

Experience:

• DSC: 2 years (preferred)
• KQL: 2 years (preferred)
• SIEM: 2 years (preferred)
• Azure Automation: 2 years (preferred)

Language:

• English (required)

Work authorisation:

• United Kingdom (required)

Work Location: Remote