Principal Security Consultant - DSS

This role sits within the consulting function of our MSSP SOC, delivering engaging professional services while supporting and enhancing the security posture of existing managed service clients. It operates across multiple customer environments, balancing hands‑on technical delivery with architectural guidance. The focus is on improving security outcomes across concurrent engagements, from targeted solution delivery to broader security transformation initiatives.

• Lead design and implementation of defensive security services, focusing on Microsoft or CrowdStrike ecosystems, across a wide range of customer environments.
• Act as a trusted security consultant, developing reference architectures, target operating models and design patterns spanning Microsoft‑native and non‑Microsoft technologies.
• Design and integrate security controls within complex enterprise, hybrid and multi‑cloud architectures, ensuring interoperability and operational sustainability.
• Provide oversight across multiple security engagements, ensuring solutions align with Zero Trust principles, regulatory requirements and recognised security frameworks.
• Lead end‑to‑end delivery of complex consultancy engagements across SOC/SIEM/SOAR, XDR/EDR, identity, cloud security, vulnerability management and related services, ensuring delivery to agreed scope, quality and timelines.
• Serve as a senior technical authority and escalation point for high‑impact engagements, including complex designs, critical incidents and security transformation programmes.
• Produce high‑quality architectural artefacts, documentation and reusable assets, including design documents, templates, scripts and automation to enable scalable and repeatable service delivery.
• Collaborate closely with sales, pre‑sales, PMO and wider delivery teams to scope and estimate new engagements, contribute to statements of work and ensure effective transition from design into delivery.
• Maintain and continuously improve standard methodologies, deployment patterns and delivery processes, driving consistency, quality and maturity across consultancy and managed services engagements.

• Significant experience delivering complex security consultancy engagements within an MSSP or managed services environment.
• Proven capability designing and implementing enterprise security architectures across Microsoft and mixed‑vendor environments.
• Deep hands‑on expertise across the Microsoft security and compliance ecosystem (Microsoft Sentinel, Defender XDR, Purview, Entra ID, Defender for Cloud).
• Experience designing, onboarding and maturing SOC capabilities, including SIEM and XDR integrations, detection engineering and security posture management.
• Strong working knowledge of Zero Trust architecture and recognised security frameworks such as NIST CSF, ISO 27001, PCI DSS, MITRE ATT&CK and CSA guidance.
• Holder of recognised industry certifications such as CISSP, CISM, CISA or CySA+, alongside relevant Microsoft security certifications (e.g., SC‑100, SC‑200, AZ‑500).
• Commercial awareness relevant to consultancy and managed services delivery, including engagement scoping, effort estimation and delivery quality.

• External Clients (New and Existing)
• Internal LRQA colleagues
• VP Advisory Services
• VP Detect & Respond
• Security Engineering Manager
• Security Engineering Team Lead
• SOC Monitor Team
• SOC Consultants
• Technical Pre‑Sales & Sales Team

LRQA is on a mission to create a safer and more sustainable future for everyone. We embrace different perspectives and are committed to an inclusive culture where all employees can thrive.