Cyber Security Engineer in Cheshire, Warrington

This role will be key to our approach to Cyber Defence at Allwyn, managing the toolsets, processes and capabilities required to effectively deliver a world class security operations Centre.

Responsibilities will include:

• Managing the security engineering toolset
• Developing and maintaining the technology and capabilities deployed
• Supporting and advancing the operational security capabilities of the Cyber Security Team
• Working on new Security Projects
• Providing an advisory role to other elements of the business on best practice

The role will require establishing relationships with key stakeholders in Risk, Technology and Operations, and establishing yourself as a SME for cyber security within the organisation.

What you'll be doing:

• Advanced and Predictive Analytics: Run advanced and predictive analyses and perform assessments based on the Mitre ATT&CK framework. Validate, enhance and use predictive analytics software tools, correlate testing activities to ensure quality of use cases, and monitor using multiple SIEM technologies to keep the SOC threat‑led. Gather forensic data and physical equipment for investigations when necessary, act as incident responder for identified incidents and lead the incident response when required.
• Data and Analytics Strategy: Provide guidance and training on analysing data trends for security use cases, improve data and analytics systems, contribute to continuous refinement of the data and analytics security strategy, conduct regular security assessments, perform risk analysis, analyse breaches to find root causes, and generate reports for IT administrators, business managers and security leaders. Perform forensic analysis and gather evidence for correlation monitoring using multiple SIEM technologies.
• Security Improvement through AI: Create artificial intelligence algorithms that identify patterns or indicators of compromise in security logs to defend the environment. Ensure proactive development of new machine‑learning activities aligns with identified threats, leveraging extensive threat‑landscape knowledge.
• Cloud Security: Design, implement and maintain security controls for AWS and Azure, including Azure AIP, Defender, Azure AD, key vaults, log shipping, AWS GuardDuty, Security Hub, Trusted Advisor, Config, CloudTrail, CloudWatch, Inspector, etc. Serve as subject‑matter expert on all Azure security tooling and implement required security measures such as firewalls or message encryption.
• Planning and Organising: Work independently, providing guidance and training to others on planning, organising, prioritising and managing activities to efficiently meet business objectives. Lead updates to Protective Monitoring/SOC documentation, processes and procedures, ensuring consistency.

What experience we're looking for:

• Ability to work under pressure
• 1‑3 years' experience in a similar role
• In‑depth understanding of the cyber threat landscape and advanced adversary tactics
• Expert knowledge of Linux, Windows, Azure, AWS, Sentinel, Palo Alto and CyberArk
• Threat Modelling and Mitre ATT&CK experience
• In‑depth knowledge of a scripting language, preferably Python

Desirable Skills:

• Previous experience in a similar role
• Relevant cloud experience

Benefits:

• Company Bonus Scheme
• Matched pension contributions up to 8.5%
• 26 days annual leave + 2 Life Days (and bank holidays)
• Single Private Health Cover
• Complimentary Private Medical
• Income Protection
• Flexible Benefits – EV Scheme, Money Coach, Will Writing, Mortgage Advice, Dental and Eye Care Schemes
• Enhanced Family Leave (Maternity, Paternity, Adoption)
• Wellness Allowance £500
• Employee Assistance Programme
• Discounted Health Assessments
• Volunteering Days
• Matched Funding