Cyber Security Engineer in Leeds

Location: We operate a hybrid schedule, meaning 2-3 days a week in the office based at Thorpe Park, Leeds.

Salary: £DOE plus extensive benefits

Contract type: Permanent

Employment type: Full time

Working hours: We work on a core hours principle. Our core hours are 09:30 - 16:00; you can work around these to suit you!

Do you want to work for the nation’s largest online pharmacy ensuring excellence for all our patients? We’re a market leader in the pharmacy world, with 25 years’ experience, helping over 1.8 million patients in England manage their NHS prescriptions from request through to delivery. We are Great Place to Work certified as we consider colleague experience a top priority every day, and as a certified B Corp we also meet high standards of social and environmental responsibility. Our people are fundamental to our success and ensuring we achieve our vision to be a world leading, patient-centric digital healthcare provider. We are committed to continuing to develop a positive, open and honest working environment for all. Our tech teams keep us running 24/7 to make sure all our patients get world class service. To support that, this role may include participation in an out-of-hours rota as required by the business. We operate fair scheduling process as well as additional compensation for all on call periods.

As a Cyber Security Engineer, you’ll protect and strengthen our technology environment by optimising security tools, delivering expert guidance, and driving impactful security improvements across platforms and applications. Working across technologies including Microsoft 365, Exchange, networking, Windows Server, and third-party systems, you’ll play a key role in enhancing security posture and enabling the business to operate safely. This role suits a proactive problem solver who challenges the status quo, embraces change, and is driven to find the most secure way to deliver business outcomes.

Why you’ll love working with us

• Financial security & rewards
• Competitive contributory pension
• Occupational sick pay
• Long-service awards and refer-a-friend bonuses
• Professional registration fees covered (GPhC, NMC, CIPD and more)
• Cycle to Work and Green Car schemes (subject to eligibility)
• Family-friendly
• Enhanced maternity and paternity pay
• Flexible hybrid working to help balance work and home life
• Health & wellbeing
• Private healthcare insurance at discounted rates (Aviva)
• Employee Assistance Programme and in-house mental health support
• Access to discounted gym memberships via Blue Light Card and benefits schemes
• Regular health and wellbeing initiatives
• Career growth
• Strong commitment to CPD, training and professional development
• Time off & flexibility
• 25 days’ annual leave, increasing with service
• Buy and sell holiday scheme
• Everyday perks & exclusive discounts
• Blue Light Card and employee discount platform
• Exclusive discounts at The Springs, Leeds
• 25% off health & beauty purchases
• 25% off Pharmacy2U Private Online Doctor services
• Culture & community
• Regular social events throughout the year

What you’ll be doing?

• Perform daily system checks and monitor information security alerts (AV, firewalls, M365, etc.)
• Report on the performance and effectiveness of technical security controls
• Manage vulnerabilities by identifying, prioritising, and remediating risks across hardware and software
• Assess security risks associated with technical and business changes
• Evaluate the potential business impact of security changes
• Communicate identified weaknesses and vulnerabilities clearly to stakeholders
• Collaborate with technical teams across the business, partners, and third-party providers
• Work with cyber security suppliers, including SOC providers and penetration testers
• Support incident response and investigation activities
• Test, evaluate, build, and implement security changes aligned to business needs
• Stay current with developments in information security and emerging technologies
• Monitor threat intelligence and assess organisational exposure to evolving threats
• Maintain application and infrastructure security, including antivirus, endpoint protection, and other controls

Who are we looking for?

• Strong understanding of information security concepts, principles, and best practices
• Experience in vulnerability management, including identifying, prioritising, and remediating risks across endpoints and applications
• Hands‑on experience with Microsoft Defender (Endpoint, Identity, Cloud, Office, etc.)
• Knowledge of technical risk management practices
• Familiarity with Windows endpoint technologies, including Intune, BitLocker, and Defender
• Experience securing cloud environments (PaaS, IaaS, SaaS)
• Willingness to collaborate with operational teams and provide security expertise
• Excellent written and verbal communication skills, with the ability to engage both technical and non‑technical audiences
• Adaptability and openness to learning new technologies and applications
• Strong analytical and problem‑solving skills
• Ability to build and maintain effective working relationships across the organisation

Applicants must prove they have the right to live in the UK. All successful applicants will be required to undergo a DBS check.