Cyber Security Engineer in Bromley

ONLY APPLY IF YOU ARE LOCATED NEAR THE KENT AREA AND CAN TRAVEL INTO THE OFFICE 5 DAYS A WEEK.

We are looking for two hands-on Cyber Security Engineers to help protect our organisation from evolving cyber threats. This operational security role is ideal for someone who enjoys investigating incidents, working with a wide range of security technologies, and making a direct impact on cyber resilience.

You will play a central role in our cyber defence operations, working daily with platforms including Microsoft Defender for O365, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. The role involves monitoring security events, investigating suspicious activity, responding to incidents, and continuously strengthening our security posture.

You’ll join a supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security.

• Security Monitoring & Incident Response
  • Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus.
  • Investigate cyber security incidents including malware infections, phishing attacks, identity compromise, and unauthorised access attempts.
  • Conduct incident triage, root cause analysis, containment, remediation, and recovery activities.
  • Lead or support incident response activities in line with internal procedures and security standards.
  • Escalate major incidents appropriately and provide timely updates to stakeholders.
• Threat Detection & Prevention
  • Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation.
  • Tune and optimise security tooling to improve detection capability and reduce false positives.
  • Implement and maintain endpoint protection controls and security policies.
  • Support vulnerability management processes, including remediation planning and risk tracking.
• Security Operations & Continuous Improvement
  • Maintain and enhance security monitoring rules, alerts, dashboards, and reporting.
  • Contribute to the development of incident response playbooks and operational runbooks.
  • Support security audits, compliance initiatives, and risk assessments.
  • Help drive continuous improvement in the organisation’s overall cyber security maturity.
• Collaboration & Communication
  • Work closely with IT, infrastructure, and service desk teams to resolve security-related issues.
  • Produce clear and concise technical and non-technical incident reports.
  • Identify phishing trends and risky user behaviours, supporting security awareness activities.
  • Assist with security projects and the implementation of new technologies.

Working Hours 40 hours per week, Monday to Friday. Flexible start times between 7:30am and 9:30am. Following a successful training period, hybrid working is available with up to one day per week working from home.

• Experience in a Cyber Security Engineer, SOC Analyst, or similar security-focused role.
• Hands-on experience with Microsoft Defender for Endpoint and/or Microsoft 365 Defender.
• Experience using Rapid7 SIEM or a comparable SIEM platform for monitoring and investigations.
• Experience managing or supporting Sophos Antivirus or similar endpoint protection solutions.
• Strong understanding of cyber threats, attack vectors, and incident response methodologies.
• Ability to analyse logs, alerts, and endpoint activity to determine impact, scope, and root cause.
• Good understanding of Windows environments and core networking concepts.
• Strong documentation, reporting, and communication skills.
• Practical experience with security tools such as IDS/IPS, Metasploit, Nexpose, Nmap, Nessus, Wireshark, L0phtCrack, John the Ripper, or similar technologies.
• Familiarity with security frameworks and standards including ISO 27001 and the NIST Cybersecurity Framework.