Information Security Engineer in England

The Information Security Engineer will work closely with the Head of Security and Infrastructure, as well as the wider IT and Governance teams, to ensure the ongoing protection of RLB’s IT environments. This is a critical role responsible for protecting infrastructure, cloud, software, and data against unauthorised use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions. An ideal candidate for this role is dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously across diverse topics.

Role Responsibilities

• Security Operations & Monitoring: Management of day-to-day security operations and act as the primary contact for the third-party SOC. Analyse and interpret logs, alerts, and threat data to identify potential security incidents. Ensure security alerts and incidents are managed and remediated. Ensure security tooling is correctly configured, operational, and fully utilised.
• Threat Detection, Incident Response & Vulnerability Management: Support or lead security incident investigations, including root cause analysis and remediation. Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated. Oversee third party penetration tests, manage remediation plans, and maintain strong vendor relationships.
• Security Engineering & Technology: Work with Microsoft security technologies such as Microsoft Purview, Defender, M365, Entra ID, and Azure security tools, email security solutions and endpoint protection solutions. Oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges. Apply technical expertise to support improvements to security configuration, identity management, and endpoint security. Support internal teams when changes to systems may impact SOC monitoring or defensive controls.
• Governance, Audit & Compliance: Help ensure alignment with standards such as Cyber Essentials Plus, NIST 800-171, ISO 27001, and UK GDPR. Carry out security audits and respond to DSAR requests. Assist with internal/external audits and maintain documentation to demonstrate compliance with RLB’s security requirements. Assist with the completion of supply-chain risk assessments. Provide support for the secure onboarding of software, ensuring adherence to data security protocols, software development best practices, and all relevant requirements.
• Security Culture & Continuous Improvement: Develop and support awareness initiatives, phishing simulations, and internal training. Stay ahead of new threats and emerging technologies, recommending ongoing improvements. Promote best practice security behaviours.

Qualifications

• Certifications such as CEH, CISSP, Security+
• Relevant Microsoft certifications (SC-900, SC-200, AZ-140)
• Ability to obtain Security Clearance (essential)

Experience

• Extensive experience configuring and managing M365, Microsoft Purview, Defender, and the broader Microsoft cloud security ecosystems.
• Experience working with information classification systems and Data Loss Prevention techniques.
• Experience working with or managing third party SOC, SIEM, and security vendors.
• Background in overseeing penetration tests and coordination of remediation activities.
• Solid understanding of incident response, vulnerability management, and general cyber defence principles.
• Demonstrable experience in NIST 800-171 & ISO 27001-compliant environments.

Behaviours

• Excellent interpersonal skills with the ability to influence peers and seniors on matters concerning protective security.
• Excellent organisational skills with the ability to prioritise workload and deliver to tight time scales.
• Possesses a professional and confident manner and maintains confidentiality at all times.
• A highly motivated and driven individual who adopts a flexible and adaptable approach.

Desirable

• Exposure to secure software development and implementation practices.

RLB Employee Benefits

• Hybrid Working – Working patterns to support your work-life balance.
• Well-Rewarded – A competitive salary and generous holiday entitlement, with the opportunity to purchase up to five extra days.
• Focus On Wellbeing – We offer a number of health and wellness options, including gym membership and cycle to work schemes.
• Healthcare Packages – Private healthcare insurance and medical support, including dental insurance and eyecare vouchers.
• Personal Development – A continuous learning and development programme, including established APC and in-house mentoring schemes.
• Additional Benefits – We offer a wide range of benefits including a season ticket loan and professional membership subscriptions.
• Exceptional Exposure – You’ll have the opportunity to work on diverse projects across different sectors and regions.
• Social Responsibility – We hold team and social events as well as charity fundraising and volunteering activities.

Our Diversity, Equity & Inclusion Commitment

We believe in building a diverse and inclusive environment where each person can be themselves, feel valued for their contribution and be challenged and supported to reach their full potential. We have a responsibility to support the communities in which we live and work, and that our workforce should reflect these communities and our clients. Our talent strategy should enable us to overcome bias in the construction industry by recruiting, retaining, developing, and promoting a diverse and inclusive workforce.