Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to enhance security strategies and protect vital information systems.
- Company: Be part of a leading financial services company in Bristol with a strong focus on security.
- Benefits: Enjoy hybrid working, competitive salary, and comprehensive benefits.
- Why this job: Make a real impact on cybersecurity while working in a dynamic and supportive environment.
- Qualifications: Experience in Security Operations and knowledge of security frameworks like ISO27001 required.
- Other info: Contact Danny Palmer at danny.palmer@sandersonplc.com for more info or to apply.
The predicted salary is between 36000 - 60000 £ per year.
Cyber Security Engineer
Bristol – Hybrid Working / 1 or 2 days per week onsite
£45,000 – £50,000 + benefits
Fantastic new permanent opportunity for an experienced Cyber Security Engineer with this large financial services company based in Bristol. As a key member of the Planning, Architecture & Security services team, the role will be at the forefront of the company’s security strategy, ensuring the confidentiality, integrity and availability of all their information and information systems.
This role will focus on security and quality control in the IT department and will include designing, building and securing, scalable and robust systems. This role will help the company understand security threats and help create strategies to protect the businesses assets and interests.
Main responsibilities:
- Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions.
- Plan, implement and upgrade security measures and controls.
- Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction.
- Contribute to the IT Strategy planning process with regards to Information Security, ISO27001/27002 developments.
- Provide advisory and consulting support to help the Company improve its security posture and adhere to security policies, expected controls and regulatory requirements.
- Maintain data and monitor security access.
- Perform vulnerability testing, risk analyses and security assessments.
- Define, implement and maintain corporate security policies.
- Anticipate security alerts, incidents and disasters and reduce their likelihood.
- Perform information security reviews of the core business and group business as well as third parties.
- Identify and document areas of IT Risk related to Information/Cyber Security.
- Support IT Risk Management by proposing appropriate risk mitigation and control measures.
Skills Required:
- A proven background within Security Operations / Network Security and Security Engineering.
- Able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Mitre Att&ck Framework, OWASP).
- Experience in designing secure components (e.g. networks, systems, applications, security technologies)
- Knowledge of and skills in at least one scripting language such as PowerShell.
- Comprehensive knowledge of network design, defence-in-depth principles and network security architecture.
- Extensive experience and understanding of security analysis tools, defensive technologies and other security technologies (e.g. SIEM, VAS, IDS/IPS, Firewalls, IAM, PAM, NAC, Email Security, Web filtering, Patch management, Anti-malware).
- Experience in identifying, detecting, applying protection, responding and remediating to security incidents to within business risk appetite.
- Strong working knowledge of authentication technologies (e.g. two-factor, multifactor).
- Strong proficiency in using the Microsoft Ecosystem such as Active Directory and MS Entra ID, including GPO, DNS, DHCP.
- Knowledge of endpoint security solutions (e.g. HIDS, anti-malware, file integrity, DLP).
- AWS, Azure and other cloud platforms, including hybrid cloud (e.g. SaaS, IaaS, PaaS).
- System administration, supporting multiple platforms and applications.
- Skilled in conducting vulnerability scans and identifying vulnerabilities in systems.
- Effective technical and non-technical communication skills to provide security support for colleagues, at all levels, across the business.
For any further queries regarding the role or to apply, please contact Danny Palmer on at danny.palmer@sandersonplc.com
Information Technology Security Engineer employer: Sanderson
Contact Detail:
Sanderson Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Technology Security Engineer
✨Tip Number 1
Familiarize yourself with the specific security frameworks mentioned in the job description, such as ISO27001 and NIST CSF. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the company's security strategy.
✨Tip Number 2
Showcase your experience with security analysis tools and technologies like SIEM and IDS/IPS. Prepare examples of how you've used these tools to identify and mitigate security threats in previous roles, as this will highlight your practical knowledge and problem-solving skills.
✨Tip Number 3
Brush up on your scripting skills, particularly in PowerShell. Being able to demonstrate your ability to automate security tasks or create scripts for vulnerability assessments can set you apart from other candidates.
✨Tip Number 4
Prepare to discuss your experience with cloud security, especially in AWS and Azure environments. Highlight any projects where you implemented security measures in hybrid cloud setups, as this is increasingly relevant in today's IT landscape.
We think you need these skills to ace Information Technology Security Engineer
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Cyber Security Engineer position. Familiarize yourself with key terms like ISO27001, NIST CSF, and the specific security technologies mentioned in the job description.
Tailor Your CV: Customize your CV to highlight relevant experience in security operations, network security, and security engineering. Emphasize your knowledge of security frameworks and any hands-on experience with the tools and technologies listed in the job description.
Craft a Strong Cover Letter: Write a compelling cover letter that showcases your passion for cybersecurity and your understanding of the company's security strategy. Mention specific examples from your past work that demonstrate your ability to identify security threats and implement effective solutions.
Highlight Communication Skills: Since the role requires effective communication with colleagues at all levels, be sure to include examples of how you've successfully communicated technical information to non-technical stakeholders in your application.
How to prepare for a job interview at Sanderson
✨Showcase Your Security Knowledge
Be prepared to discuss your understanding of information security frameworks like ISO27001 and NIST CSF. Highlight any relevant experience you have with security best practices and how you've applied them in previous roles.
✨Demonstrate Technical Proficiency
Make sure to mention your experience with security analysis tools and technologies such as SIEM, IDS/IPS, and firewalls. If you have experience with scripting languages like PowerShell, be ready to provide examples of how you've used them to enhance security measures.
✨Discuss Risk Management Strategies
Prepare to talk about how you've identified and mitigated IT risks in past positions. Share specific examples of vulnerabilities you've discovered and the strategies you implemented to address them.
✨Communicate Effectively
Since the role requires effective communication across all levels of the business, practice explaining complex security concepts in simple terms. Be ready to discuss how you've supported colleagues in understanding security policies and procedures.
