Cloud, Network & IT Secuirty Lead

**Life tastes better with ice cream
**
With 19.000 expert ice cream colleagues and iconic brands like Wall’s, Cornetto and Ben & Jerry’s, loved in 76 countries, we are the world’s largest Ice Cream company leading the industry.
 
We create iconic ice cream brands that are part of everyday life, bringing moments of joy to millions of people around the world. Everybody loves ice cream. And as the world’s biggest pure‑play ice cream company, we have the scale and ambition to make a real difference. 

What truly sets us apart is how we work. 

We move fast and keep things simple. We turn ideas into action, trust people to take ownership, and work as one team to win together with integrity. Our culture is high‑performance, collaborative and focused on getting things done. 

We’re curious and ready for what’s next. We embrace digital, use data to make better decisions, and keep learning, including how AI can help us work smarter and serve consumers better.  

The role

Responsible for building, managing, and improving TMICC’s cybersecurity technology landscape. The role owns security platforms across cloud, network, endpoint, and email security, ensuring they are implemented, configured, integrated, maintained, and continuously enhanced. The person will work with infrastructure, cloud, IAM, architecture, applications, security operations, and vendors to strengthen enterprise protection, visibility, and risk management. This role supports the creation of a standalone technology environment for TMICC as it separates from Unilever.

What you'll be responsible for

• Microsoft Security Platform Management
• Own administration, configuration, optimization, and improvement of Microsoft Defender XDR platform.
• Manage Microsoft Defender solutions including Endpoint, Identity, Cloud Apps, Cloud, and Office 365 security.
• Implement endpoint protection, threat prevention, attack surface reduction, and device hardening controls.
• Integrate Microsoft security technologies with enterprise platforms and improve security effectiveness.
• Cloud Security Engineering
• Manage cloud security tools including Microsoft Defender for Cloud, Wiz, and Prisma Cloud.
• Drive Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP) initiatives.
• Improve cloud visibility, risk reduction, and secure cloud adoption.
• Collaborate with cloud and infrastructure teams for security remediation.
• Endpoint & Workplace Security
• Manage endpoint security using Microsoft Intune policies and compliance controls.
• Implement device security baselines, encryption, application protection, and hardening measures.
• Ensure security controls are deployed and maintained across enterprise devices.
• Email Security
• Manage Microsoft Defender for Office 365 and email security solutions.
• Configure anti-phishing, anti-malware, anti-spam, and impersonation protection policies.
• Improve email threat detection and security resilience.
• Network & SASE Security
• Manage firewall, VPN, segmentation, WAF, and internet security controls.
• Lead Zscaler ZIA/ZPA and SASE security implementations.
• Improve secure access and third-party connectivity capabilities.
• Security Technology Management
• Own security platform lifecycle including deployment, upgrades, integrations, and retirement.
• Manage security vendors, service providers, and implementation partners.
• Maintain documentation, operational procedures, and platform standards.
• Change Enablement & Collaboration
• Act as technical liaison between Cyber Security, Infrastructure, Cloud, Workplace teams, and vendors.
• Drive security best practices, operational excellence, and continuous improvement initiatives.

We're looking for someone who

Education and Experience

• 8-12 years of experience in Cyber Security, Security Engineering, Cloud Security, Infrastructure Security, Endpoint Security, or Network Security roles.

• Proven experience implementing, administering, and optimizing enterprise security technologies within complex global organizations.

• Strong hands-on experience with Microsoft Defender XDR, MDE, MDI, MDCA, MDC, MDO, and Microsoft Intune.

• Experience with cloud security platforms including Wiz, Prisma Cloud, CSPM, and CWPP technologies.

• Experience with enterprise email security technologies such as Proofpoint and Microsoft Defender for Office 365.

• Experience with network security technologies including firewalls, VPNs, web security platforms, and segmentation controls.

• Experience with Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and SASE security architectures.

• Experience leading technical security projects, platform deployments, migrations, and security transformation initiatives.

• Experience working with managed service providers, cloud providers, and security technology vendors.

Skills and Competencies

• Deep technical expertise across Microsoft security technologies and security engineering practices.

• Strong understanding of cloud security concepts including CSPM, CWPP, cloud governance, and cloud risk management.

• Strong understanding of endpoint security, device management, endpoint hardening, and enterprise mobility management.

• Strong understanding of email security technologies and phishing protection controls.

• Strong knowledge of network security, SASE architectures, secure connectivity, and Zero Trust principles.

• Excellent troubleshooting, analytical, and problem-solving capabilities.

• Strong stakeholder management and communication skills.

• Ability to balance security, operational requirements, and business objectives when implementing security controls.

Professional Certifications

• CISSP (preferred)

• CCSP (preferred)

• Microsoft Certified: Cybersecurity Architect Expert (SC-100)

• Microsoft Certified: Azure Security Engineer Associate (AZ-500)

• Microsoft Certified: Endpoint Administrator Associate (MD-102)

• Microsoft Certified: Security Operations Analyst Associate (SC-200) – desirable

• Zscaler Certified Architect (desirable)

• Palo Alto PCNSE, Fortinet NSE, or Check Point CCSA/CCSE – desirable

• CISM – desirable

What you'll get

Alongside meaningful work and strong development, we offer a reward package that typically includes

• Market-competitive pay and performance related rewards
• Flexible ways of working
• Support for health, wellbeing and life outside of work
• Time off to rest and recharge
• Ongoing learning and development opportunities
• Specific benefits vary by location

#TMICC

**Why join us?
**
This is a place for people who are passionate about ice cream and are growth obsessed - both for the business and for themselves. People who act like an owner and drive our business end-to-end. People who are driven by success to deliver more than we ever thought we could! 

You’ll thrive here if you value an inclusive culture, with low ego and hierarchy - and if you’re excited to continuously learn and challenge how we work, using digital, data, and new thinking to push us forward.

- Roles with real accountability and visible impact
- Free to move fast, experiment and challenge how things are done
- Continuous learning and development as the business grows
- Reward linked to performance and contribution.

Your career here is shaped by what you deliver, as you work across functions and markets and grow with the business.

Ready to build the future of Ice Cream?

If this sounds like the place where you'd thrive, we'd love to hear from you. Apply online and share your CV. We'll review your application and be in touch with the next steps.

If you are an individual with a disability and require assistance at any time during our recruitment process, please let your Talent Acquisition Partner know.

Additional information

The Magnum Ice Cream Company is an Equal Opportunity Employer. We embrace diversity and are committed to creating an inclusive environment where everyone can do their best work regardless of age, disability, gender identity, race, religion, sexual orientation, or any other protected characteristic.