Cyber Security Engineer - Assistant Vice President

Cyber Security Engineer - Assistant Vice President

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Mizuho

At a Glance

  • Tasks: Join our Proactive Security team to develop cutting-edge security technology and mitigate threats.
  • Company: Mizuho, an inclusive employer committed to diversity and equality.
  • Benefits: Competitive salary, 27 days leave, hybrid working, and wellbeing support.
  • Other info: Flexible working arrangements and clear paths for progression available.
  • Why this job: Make a real impact in cybersecurity while growing your career in a supportive environment.
  • Qualifications: 5+ years in security engineering, strong communication skills, and proficiency in scripting.

The predicted salary is between 60000 - 80000 £ per year.

This job is with Mizuho, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

Profile Summary

Seeking security engineer to join our Proactive Security team, this role will focus on the development of security technology stack to ensure threat mitigation is in place through offensive and preventive measures.

Duties and Responsibilities

  • Threat Modelling & Risk Analysis: Develop and maintain threat models for Mizuho information assets and services. Assess and recommend security controls during design and implementation of new projects. Build and maintain tools for proactive detection, configuration drift monitoring and automated remediation. Security tooling integration and orchestration. Develop and implement SOAR capabilities that align with existing technology stack. Experience with KMS systems and methodologies. Identity based threat detection and prevention. Privileged Access and Session Management.
  • SIEM Management: Design, implement, and maintain workspaces, including data connectors, Logic App, Function App, analytics rules, workbooks, and playbooks. Develop and refine custom queries for advanced threat hunting, incident investigation, and reporting. Optimize SIEM performance, cost, and data retention policies. Identify new log sources and work closely with infrastructure teams. Identify, onboard, and configure critical security log sources with a focus on critical infrastructure services such as Active Directory (Domain Controllers, ADFS), network devices, firewalls, servers (Windows/Linux), and cloud infrastructure logs. Manage Event Collector and Event Forwarding infrastructure. Implement data filtering to ensure high-quality and relevant data ingestion. Parse and analyse custom log formats to extract relevant information for SIEM. Troubleshoot log ingestion issues.
  • Threat Detection & Use Case Development: Develop, test, and deploy advanced threat detection use cases, and common infrastructure attack patterns. Translate threat intelligence and vulnerability insights into actionable detection rules. Continuously review and refine existing detection rules to minimize false positives and improve efficacy.
  • Security Monitoring: Analyse, develop and refine security monitoring controls, practices and use-cases to detect anomalies and incidents across the applications and infrastructure estate. Collaborate with SOC team to enrich detection logic based on known vulnerabilities and misconfigurations.
  • Incident Response & Security Operations: Formulate proactive threat hunting rules based on emerging threats and intelligence. Contribute to the development and improvement of security playbooks and operational procedures.
  • Security Best Practices & Advisory: Provide expert guidance on securing application and critical infrastructure components. Help set up POC and evaluation on new security tools and explore the gap in controls.
  • Other: Providing subject matter expertise in Cyber Security team as needed. Contribute to the design and delivery of security monitoring and control effectiveness measures. Availability to cover anywhere from 7am to 7pm on all business days.

Qualifications, Skills, and Experience

  • Relevant experience on security tool implementation projects (SIEM, Proxy, EDR, DLP and SEG).
  • Experience working with Cyber Security and Incident Response frameworks such as NIST, Kill Chain, Attack life Cycle, & MITRE.
  • Excellent communication skills, both written and verbal, with good documentation.
  • Minimum of 5+ years of experience in Security Engineering, Security Automation/or Orchestration, or similar cybersecurity role.
  • Expert-level proficiency in query languages.
  • Demonstrable hands-on experience with SIEM (implementation, configuration, custom rule creation).
  • Strong practical experience with EDR and SIEM technology stack.
  • In-depth understanding of Active Directory security principles, common attack vectors, and logging mechanisms.
  • Experience with Windows event collection.
  • Proficiency in scripting (e.g., PowerShell, Python) for automation, data manipulation, and custom log parsing.
  • Solid understanding of networking concepts (TCP/IP, firewalls, proxies, VPNs) and security protocols.
  • Familiarity with cloud security principles, Azure, GCP, AWS.
  • Working knowledge over a range of operating systems and platforms including: Windows Server, Windows XP, UNIX (Solaris, Linux).
  • Working knowledge of networks: LAN, WAN, Palo Alto, FortiGate, switches, Firewalls, remote access solutions, and VPNs.
  • In-depth experience with SIEM tools with a strategic oversight on appropriate use case methodologies. Implementation of robust security monitoring use cases and Threat hunting capabilities.
  • Relevant industry certifications (e.g., AZ-500, SC-200, SC-900, CompTIA Security+) or similar Cert with Security Orchestration, Automation, and Response (SOAR) playbooks within Sentinel or other platforms.
  • Scripting skills (PowerShell, Python) for automation and data manipulation.

What Mizuho Can Offer You

Here at Mizuho, there are fantastic progression opportunities and clear paths to promotion. We will give you ample opportunity to affect change and to help grow our business. In addition to the great opportunity outlined above we are also currently able to offer:

  • Competitive starting salary, plus discretionary bonus.
  • Non-contributory pension.
  • 27 days' annual leave.
  • Core working hours.
  • Hybrid working - office and home based.
  • Virtual GP.
  • Wellbeing benefits, including Mental Health Allies and First Aiders.

At Mizuho, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs. We are committed to supporting equality and diversity, and seek to create a workplace that is fully inclusive. We welcome applications from all sections of the community that we operate in and from all ethnic backgrounds, sexual orientation, beliefs, gender identities and disabilities. If you require more information about our equal opportunities policy or wish to discuss any accessibility requirements or reasonable adjustments please contact the recruitment team - recruitment@mizuhoemea.com and we will be happy to help.

Cyber Security Engineer - Assistant Vice President employer: Mizuho

Mizuho is an excellent employer, offering a dynamic work environment where innovation in security technology is at the forefront. With a strong focus on employee growth and development, team members benefit from hybrid working arrangements, competitive benefits such as a non-contributory pension, and ample annual leave, all while contributing to meaningful projects that enhance security measures. Join us in a culture that values collaboration and excellence, making a real impact in the field of cyber security.

Mizuho

Contact Details:

Mizuho Recruitment Team

We think you need these skills to ace Cyber Security Engineer - Assistant Vice President

Threat Modelling
Risk Analysis
Security Tooling Integration
SOAR Capabilities Development
KMS Systems and Methodologies
Privileged Access Management
SIEM Management