Cyber Security Engineer

The Cyber Security Engineer will sit within the ‘Secure the Business’ stream of the IT department. The Secure the Business team, led by the Cyber Security Manager, is responsible for maintaining the organisation’s security posture, ensuring regulatory compliance, and protecting critical systems, networks, and data from evolving threats. Working closely with IT Operations, technology teams, and external partners including the MSP, vCISO, and Managed SOC, the team delivers hands‑on security operations, incident response, and vulnerability management.

The Cyber Security Engineer will play a key role in identifying, investigating, and remediating risks, while continuously improving technical controls in line with industry best practices, particularly within regulated environments such as financial services and insurance.

We are seeking a hands‑on Cyber Security Engineer to help strengthen our organisation’s security posture and protect our systems, data, and users. This role plays an integral part in daily security operations, incident response, vulnerability management, and the continuous improvement of our technical controls. You will work closely with the Cyber Security Manager, SOC analysts, IT Operations, and wider technology teams to ensure threats are detected, investigated, and remediated swiftly and effectively. Candidates with experience in financial or insurance environments, or familiarity with regulatory expectations in these sectors, will be particularly well suited.

• Monitor, triage, and respond to security alerts from the SOC and other security tooling.
• Conduct initial investigations, containment, and remediation activities.
• Escalate complex cases to forensics, insurance partners, or senior team members where appropriate.
• Contribute to post‑incident reviews and root‑cause analyses.
• Maintain accurate incident records and ensure updates are logged in relevant tracking systems.

Service & Ticket Management

• Manage cyber security‑related tickets within the ITSM platform, ensuring timely prioritisation and resolution.
• Collaborate with cross‑functional IT teams on issues requiring joint effort.
• Maintain high‑quality documentation and audit trails across service management systems.

Vulnerability & Patch Management

• Support operation and improvement of vulnerability scanning and assessment workflows.
• Review vulnerability findings, assess risk, and coordinate remediation activities with system owners.
• Assist in ensuring timely deployment of critical patches across endpoints and servers.
• Produce reports and dashboards detailing vulnerability status and patch compliance.

Endpoint Security & Microsoft Security Stack Administration

• Support administration of Microsoft Defender, Intune, Purview (DLP), and Entra ID configurations.
• Manage device and user groups, security baselines, and EDR/Automated Investigation and Response settings.
• Assist with device onboarding, configuration troubleshooting, and overall health monitoring of endpoint security.
• Help strengthen device compliance, conditional access, and multi‑factor authentication controls.

Security Awareness & User Behaviour

• Support organisation‑wide security awareness initiatives.
• Monitor training completion, behavioural trends, and follow up on poor performance where necessary.
• Assist in producing metrics, insights, and user‑focused communications after security events.

System Hardening & Security Engineering

• Contribute to ongoing improvement of OS, application, and endpoint hardening standards.
• Support implementation of secure configurations, application controls, and baseline enforcement.
• Help ensure devices and systems remain compliant with internal security standards and policies.

Security Reporting & Analytics

• Produce dashboards and regular reporting on vulnerability status, patching performance, SOC activity trends, threats, and user awareness metrics.
• Help refine reporting processes to support audits, management reviews, and continuous improvement.

Governance, Risk & Compliance (Desirable)

• Assist with audits, certifications, and compliance frameworks.
• Support vendor security assessments and review supplier cyber risk as required.
• Contribute to documentation, evidence gathering, and control validation processes.

Candidate Profile - Skills & Experience

• Hands‑on experience with Microsoft Defender suite, Intune, and Entra ID.
• Practical experience with vulnerability scanning and patch management platforms.
• Familiarity with ITSM systems and security‑related service management processes.
• Understanding of identity security principles and access control.
• Ability to conduct technical investigations, perform triage, and escalate appropriately.
• Working knowledge of Windows environments, networking fundamentals, and cloud/SaaS security concepts.
• Experience with Microsoft Purview (DLP) or similar data protection tooling.
• Exposure to the financial or insurance sector and understanding of sector‑specific regulatory requirements.
• Knowledge of security frameworks such as NIST, ISO 27001, CIS Benchmarks.

Key Attributes

• Problem‑solving skills: Ability to troubleshoot complex issues and provide effective solutions.
• A Team Player able to collaborate effectively with IT operations and business stakeholders.
• Communication: Excellent verbal and written communication skills to collaborate with stakeholders and present technical concepts.
• Adaptability: Ability to quickly learn new technologies and adapt to changing environments.
• Attention to detail: Ensures high standards of quality and reliability in all deliverables.
• A keen interest in staying up to date with emerging threats, technologies, and best practices.