Security Engineer- Cardiff in London

About Kocho

We are Kocho, an equal opportunities employer committed to delivering technology adoption services alongside technical consulting to help clients achieve their business goals on the journey to Become Greater. Our head office is located in the heart of London's West End, with flexible collaboration spaces that encourage our people to Become Greater and Do What's Right. We also have offices in Cardiff and Cape Town.

Position Summary

As a Security Engineer, you will play a critical role in safeguarding our organisation, clients, and partners from cyber threats. You will utilize your experience in Security Engineering or as a Senior Security Analyst to design, implement, and optimise security measures across systems, networks, and data, ensuring that controls remain effective, aligned to best practice and continuously improved. This role is primarily remote but you may be asked to come into the Cardiff office at your manager's discretion, with a successful candidate expected to attend a couple of times a month.

Key Responsibilities

• Deliver hands‐on expertise across the Microsoft Security Stack, particularly Microsoft Defender XDR and Microsoft Sentinel.
• Build, maintain, and enhance detection capabilities by deploying KQL analytical rules, developing Content Hub solutions, and tuning threat policies to ensure strong protection and high‐quality signal.
• Manage phishing simulation campaigns, lead vulnerability scans, and produce accurate, well‐structured reports with clear, actionable recommendations.
• Regularly engage with clients, presenting findings and guiding them through remediation activities alongside a Cyber Security Project Manager.
• Provide Incident Response support by handling escalations from the triage team, performing advanced investigations, and contributing to playbook automation using Azure Logic Apps to streamline processes and improve response consistency.
• Audit and uplift client environments across the Microsoft 365 Security Suite, focusing on areas such as Secure Score improvements, Device Tagging, Defender policy management, Exchange configuration hardening and other lifecycle‐related security tasks.
• Leverage scripting or automation skills (e.g., Python, Bicep, ARM, JSON, YAML) to further enhance operational efficiencies.

Required Qualifications

• A degree in Computer Science, Cyber Security or a related field, or equivalent and demonstrable experience.
• Extensive experience in Security Engineering or Senior Security Analysis.
• Strong knowledge of security protocols and industry standards.
• Experience with vulnerability testing and risk analysis.
• SME in Microsoft Defender XDR.
• Strong proven knowledge of KQL & Advanced Hunting.
• Experience using common vulnerability scanning tools and interpreting their results.
• Client‐facing skills, including the ability to translate technical findings into clear, actionable recommendations.
• Regular preparation of well‐structured reports, presentation of security insights to both technical and non‐technical stakeholders, and guidance to help clients strengthen their security posture.

Nice to Have

• Proficiency in languages, standards and assemblies/tools such as Python, Bicep, ARM, JSON, YAML.
• Familiarity with Jinja2, Codeless Playbooks, Azure Functions, Azure Logic Apps.
• Professional certifications such as AZ‐500, SC‐100, SC‐200, CISSP, CEH, CYSA+.
• GitHub portfolio of solutions you've built.

Equal Opportunity Employer

Kocho is an equal opportunities employer. We make recruitment decisions based on qualifications, skill set and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs, marital status, disability, sexual orientation or any other protected characteristic. This mindset aligns with our company values as we understand that we are Better Together.