Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our DevSecOps team to enhance cyber maturity and manage security technologies.
- Company: A specialist technology business in Glasgow focused on IT infrastructure and security.
- Benefits: Enjoy hybrid working, competitive salary, and a range of corporate perks.
- Why this job: Make a real impact on security practices while collaborating with talented tech teams.
- Qualifications: Hands-on experience with security tools and knowledge of information security frameworks required.
- Other info: Opportunity for growth in a dynamic environment with a focus on innovation.
The predicted salary is between 48000 - 52000 £ per year.
Glasgow – Hybrid working 3 days per week in the office
£60,000 - £65,000 + benefits
Fantastic new permanent opportunity for an experienced IT Security Engineer with a broad background within IT Infrastructure, Security Engineering and Operations for this specialist technology business based in Glasgow. As a specialist IT Security Engineer, you will work as part of their DevSecOps team based in Glasgow. The role will involve working closely with the wider technology teams to enhance their cyber maturity. Furthermore, it provides the opportunity to contribute towards the implementation and management of various security technologies.
Main responsibilities:
- Analysing security events and incidents relating to internal and customer assets.
- Designing and developing SIEM security use cases.
- Designing and implementing security controls and secure configurations.
- Maintaining proactive vulnerability scanning ensuring that all known vulnerabilities are addressed in line with policy.
- Collaborating with development teams to implement secure development practices.
- Configuring and maintaining security tooling across the infrastructure.
- Collaborating on maturing security incident management processes and playbooks.
- Collaborating with third-party led security tests, assessments and audits of our information security policies, procedures, and systems.
- Identifying, assessing, managing, remediating, and tracking information security risks through our risk management framework and ensuring key risks are reported to the CISO.
- Performing regular internal security audits aligned to ISO/IEC 27001 and SOC2 controls.
- Developing our security awareness training programme aligned with internal security policies.
- Comfortable engaging with customers and internal stakeholders to discuss security related matters.
Skills Required:
- Proven hands-on experience as a Security Engineer or similar working with tools such as SIEM, vulnerability management, endpoint detection & response (EDR), applications security, identity, and access management, etc.
- Ability to work in a small high performing team, collaborating with other technical resources whilst aligning to the security strategy.
- A security engineer with experience of learning, adapting and utilising different security technologies, including but not limited to private and cloud infrastructure.
- Technical knowledge and experience with SIEM, SOAR, IDPS, DDoS, Malware Protection, Vulnerability Management, and Application Security tooling, etc.
- Knowledge of Information Security frameworks (CIS, NIST, NCSC CAF), supporting processes and toolsets.
- Ability to breakdown and solve complex problems across multiple domains and successfully lead the recovery of major and / or complex security incidents.
- Knowledge and experience of threat hunting and problem-solving through reviewing logs and identifying anomalous activities.
IT Security Engineer employer: Sanderson
Contact Detail:
Sanderson Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Security Engineer
✨Tip Number 1
Familiarise yourself with the specific security tools mentioned in the job description, such as SIEM and vulnerability management systems. Having hands-on experience or even personal projects showcasing your skills with these tools can set you apart from other candidates.
✨Tip Number 2
Engage with online communities or forums related to IT security. Networking with professionals in the field can provide insights into the latest trends and challenges, which you can discuss during interviews to demonstrate your passion and knowledge.
✨Tip Number 3
Prepare to discuss real-world scenarios where you've successfully managed security incidents or vulnerabilities. Being able to articulate your problem-solving process and the outcomes will showcase your practical experience and readiness for the role.
✨Tip Number 4
Research StudySmarter's approach to security and any recent initiatives they've undertaken. Tailoring your conversation to align with their values and demonstrating how you can contribute to their security maturity will make a strong impression.
We think you need these skills to ace IT Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT Security, particularly with tools like SIEM and vulnerability management. Use specific examples that demonstrate your hands-on experience and problem-solving skills.
Craft a Strong Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Mention how your background aligns with their needs, especially your experience in collaborating with development teams and enhancing cyber maturity.
Highlight Relevant Skills: Clearly outline your technical knowledge and experience with security frameworks such as CIS, NIST, and SOC2. Emphasise your ability to work in a high-performing team and your adaptability to different security technologies.
Showcase Problem-Solving Abilities: Provide examples of how you've successfully led the recovery of complex security incidents or conducted internal security audits. This will demonstrate your capability to handle the responsibilities outlined in the job description.
How to prepare for a job interview at Sanderson
✨Showcase Your Technical Skills
Be prepared to discuss your hands-on experience with security tools like SIEM, EDR, and vulnerability management. Highlight specific projects where you've successfully implemented these technologies, as this will demonstrate your practical knowledge and problem-solving abilities.
✨Understand the Company’s Security Frameworks
Familiarise yourself with the information security frameworks mentioned in the job description, such as CIS, NIST, and NCSC CAF. Being able to discuss how these frameworks apply to the role will show that you are not only knowledgeable but also genuinely interested in their security practices.
✨Prepare for Scenario-Based Questions
Expect questions that assess your ability to handle complex security incidents. Prepare examples from your past experiences where you identified, managed, or remediated security risks, and be ready to explain your thought process and the outcomes.
✨Demonstrate Collaboration Skills
Since the role involves working closely with development teams and other stakeholders, be ready to discuss how you’ve successfully collaborated in previous roles. Share examples of how you’ve contributed to secure development practices or worked on maturing security processes.
