Job Description

Sodexo is currently hiring a Cloud and Core IT Cybersecurity Architect to join their amazing team
About the company: Sodexo is a global leader in quality of life services, founded in France in 1966. The company operates in over 50 countries, offering a wide range of services that include:On-site Services: Catering, cleaning, maintenance, and facilities management.Benefits & Rewards Services: Meal cards, gift cards, mobility solutions, and employee benefits.Personal & Home Services: Concierge, home care, and childcare (less prominent).Sodexo focuses on improving quality of life for employees, students, patients, and others across various sectors, including corporate offices, schools, healthcare, defense, and remote sites.

Sodexo in Portugal
Sodexo has been present in Portugal since 1996. Core Services, Employee Benefits & Rewards: Well known for offering meal cards like Sodexo Refeição Pass, as well as gift cards and fuel cards.On-site Services: Catering and facilities management in corporate, healthcare, and educational environments.Key Clients: Includes multinational corporations, public institutions, and local businesses.Mission in Portugal: Helping improve employee well-being and organizational performance through tailored workplace and benefits solutions.
About the role/What you'll do:
As a Cloud and Core IT Cybersecurity Architect, you will operate within the Global Information Cyber Security (GICS) team and play a critical part in Sodexo’s digital transformation. Your mission is to design, secure, and maintain the company’s Cloud and Core IT landscape, with a strong focus on Azure, Microsoft 365, identity infrastructures, and foundational security architecture.
Your responsibilities will include:
1. Technical Leadership & Security Architecture

Define functional and technical security prerequisites across major cloud initiatives.
Architect Azure Entra ID and on‑prem Active Directory following Zero Trust principles.
Collaborate across engineering, operations, and governance teams to implement security‑by‑design.
Contribute to drafting, defining, and rolling out security policies, directives, and guidelines.
Lead cloud security projects: requirements, solution evaluation, testing, contract negotiation, and implementation.

2. Microsoft Cloud & Endpoint Security

Secure Microsoft 365 services: Exchange Online, SharePoint, OneDrive, Teams.
Design and manage DLP policies, sensitivity labels, and retention policies.
Lead architecture for Microsoft Intune & Endpoint Management (iOS, Android, Windows, macOS).
Secure Windows 11 and Linux enterprise endpoints.
Manage identity, compliance configurations, app protection policies, and device lifecycle security.

3. Core IT Infrastructure Security

Design secure on‑prem infrastructure (servers, virtualization, storage, backups).
Analyze business and IT requests impacting cloud security; recommend mitigation measures.
Support entities in deploying security solutions aligned with business and compliance needs.
Assess risks in major IT and digital transformation projects before go‑live.

4. Risk Assessment & Governance

Apply security methodologies such as ISO 27005, eBIOS, etc.
Ensure alignment with enterprise security strategy and regulatory requirements.
Engage with internal business owners, clients, internal control, internal audit, and external auditors.

Requirements:

Education & Background

BS in Computer Science, Information Security, or related field (MS preferred).
3–6+ years of experience in Information Security (architecture, consulting, audit).
At least 2 years of hands‑on work with public cloud environments (Azure preferred).
Fluency in English and French

Technical Skills

Strong background across network, systems, databases, and application security.
Proficiency with Azure security, Entra ID, Active Directory, and Zero Trust.
Experience securing Microsoft 365 and Intune environments.
Knowledge of enterprise endpoint security (Windows 11, Linux).
Experience with risk assessment frameworks (ISO 27005, eBIOS).
Cloud certifications preferred (AZ‑500, AZ‑3xx, SANS SEC545).
Information Security certifications are a plus (ISO 27001, CISSP, CISM).

Soft Skills

Strong interpersonal and communication skills.
Ability to influence and collaborate with stakeholders at all organizational levels.
Strong analytical thinking and problem-solving mindset.
Ability to translate business needs into technical solutions.

What They Offer

Career growth path within 12–24 months.
Performance bonus (up to 2 monthly salaries).
Health insurance for employee + family, and life insurance.
24 days of annual leave.
Access to training platform with 7,000+ courses.

About Damia Group

Damia Group is a trusted talent solutions partner with over 30 years of experience supporting security-cleared environments, including defence, government, space, and aerospace.

We work closely with the UK’s leading prime suppliers, delivering high-quality staff augmentation and SOW-based project solutions across major technology and transformation programmes. Our long-standing client relationships are built on reliability, compliance, and a deep understanding of complex project demands.

With an actively managed network of specialist professionals, we connect the right talent to critical programmes quickly and effectively.

Our tailored approach and sector knowledge help organisations modernise their technology, strengthen security, streamline operations, and deliver business-critical transformation projects across both the public and private sectors.

If you need support in building an agile, blended workforce to deliver your business-critical transformation projects, get in touch with us today.

Industry

IT & Software

Company Size

51-200 employees

Headquarters

Guildford, GB

Year Founded

1995

Website

damiagroup.com

Social Media