Skip to content
Tesco Czech Republic Hybrid Full-Time Permanent Working hours 40 Apply by 15-May-2027
About the role
We are looking for a highly skilled Senior Cloud Security Analyst with deep expertise in Microsoft Azure IAM, Privileged Identity Management (PIM), and cloud security governance. In this role, you will lead security posture assessments, identify identity‑related risks, define remediation strategies, and drive security improvements across large‑scale enterprise Azure environments.

This is a strategic, hands‑on position where your decisions directly shape the security of our cloud platforms.

Key Skills:

  • Azure IAM Security
  • Microsoft Entra ID
  • Cloud Security Governance
  • RBAC & PIM
  • Identity Governance
  • Zero Trust
  • Security Assessments & Remediation
  • Risk Analysis
  • Stakeholder Management
  • Cloud Infrastructure Security
What is in it for you
Tesco is a diverse and exciting employer, dedicated to being #aplacetogeton, providing career-defining opportunities to all of our colleagues. If you choose to join our business, we will provide you with (for all):

  • Up to 20% yearly salary bonus - based on both individual and business performance
  • Sick leave Compensation
  • 1 extra week of annual leave above your legal entitlement of 4 weeks of annual leave of paid leave to support our well-being and family life
  • Pension insurance contribution
  • Cafeteria benefit system & Multisport card
  • Training and Development Plan, supported by certified training and learning platforms like Udemy, Udemy Pro and LinkedIn
  • Referral Bonus
  • Flexible work time
You will be responsible for
  • Assess Azure IAM security across enterprise environments, including architecture, configurations, and access controls.
  • Identify risks and misconfigurations such as excessive privileges, orphaned identities, privilege escalation paths, and compliance gaps.
Review and analyse:
    • Azure Active Directory / Microsoft Entra ID
    • RBAC models
    • PIM
    • Conditional Access
    • Managed Identities
    • Service Principals
    • Identity Governance
    • MFA and Access Review processes
  • Define remediation plans and security hardening recommendations.
  • Collaborate with cloud engineering, infrastructure, SecOps, IAM teams, and application owners to implement remediation.
  • Lead remediation workshops and track progress to closure.
  • Develop Azure IAM governance standards, policies, and best practices.
  • Perform security reviews for new Azure deployments and cloud transformation initiatives.
  • Support audit and compliance activities related to cloud IAM.
  • Produce technical reports, risk assessments, dashboards, and executive summaries.
  • Provide guidance on Zero Trust and least‑privilege models.
  • Monitor Azure security posture using native and third‑party tools.
  • Recommend improvements for automation, monitoring, and continuous compliance.
You will need
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or equivalent experience.
  • 8+ years in cybersecurity, IAM, or cloud security.
  • 5+ years securing Microsoft Azure environments.

Strong expertise in:

  • Microsoft Azure
  • Microsoft Entra ID (Azure AD)
  • Azure RBAC
  • PIM
  • Conditional Access
  • Identity Governance
  • Azure Policy
  • Microsoft Defender for Cloud
  • Microsoft Sentinel

Solid understanding of:

  • Zero Trust architecture
  • Least privilege principles
  • IAM governance frameworks
  • Cloud security architecture
  • Security risk management
  • Experience leading IAM maturity assessments and remediation programs.
  • Strong analytical, problem‑solving, and stakeholder management skills.
  • Excellent written and verbal communication skills.

Preferred Qualifications

Microsoft certifications:

  • Azure Security Engineer Associate
  • Cybersecurity Architect Expert
  • Identity & Access Administrator Associate
  • Security certifications: CISSP, CCSP, CISM, GIAC.
  • Experience with hybrid identity and multi‑cloud security.
  • PowerShell, Terraform, Azure CLI.
  • Familiarity with SOX, ICFR, NIS2.
About us
Tesco Technology was established in Prague to support Tesco’s retail business in Central Europe and across the Tesco Group. What began as a regional center over 25 years ago has evolved into a modern, forward-thinking team, driving innovation and digital transformation throughout the region. 
 
With operations in the UK, Ireland, India, Hungary, Poland, and the Czech Republic, we’re committed to delivering great value to our customers every day. 
 
Let’s {code} the future together at {Tesco Technology}! 
© Tesco Careers 2026. All rights reserved.