Lead Cyber Security Engineer

SThree are pleased to announce we’re recruiting for a talented Lead Cyber Security Engineer to join & guide our excellent team based in our fantastic office space located in the Cadworks Building, Glasgow. The Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense; it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable defences. This role is hands-on, outcome-focused, and instrumental in building, automating, and scaling secure architectures and controls across the digital estate.

About us: SThree is the global STEM-specialist talent partner that connects sought-after specialists in life sciences, technology, engineering and mathematics with innovative organisations across the world. We are the number one destination for talent in the best STEM markets: Recruiting highly skilled professionals and discovering life-changing jobs for the unsung heroes who will positively shape our future.

What are the day-to-day tasks?

• Security Engineering & Automation: Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads. Lead the design and deployment of conditional access, Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines.
• Platform Security Oversight: Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden AKS clusters and cloud-native apps through role-based access control (RBAC), secrets management, and runtime protection. Secure data pipelines and models in AI workloads, implementing guardrails for model integrity and prompt injection defence.
• Cloud & Network Security: Engineer secure access and posture for Cisco Meraki infrastructure and Umbrella SWG services. Enforce network segmentation, micro-perimeter security, and policy-based routing for hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge.
• Security Operations & Threat Defence: Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry monitoring and improvement of detection logic and alert fidelity.
• Leadership & Mentoring: Provide engineering mentorship to junior analysts and engineers; lead by doing. Shape and communicate the security engineering roadmap in alignment with the Cyber Security Strategy.

What skills and knowledge are we looking for?

• Deep hands-on knowledge of Microsoft security stack (M365 Defender, Sentinel, Intune, Azure Policy, PIM).
• Proven experience deploying Cisco Meraki and Umbrella in enterprise environments.
• Experience in securing Kubernetes, cloud-native infrastructure, and containerised apps.
• 5+ years in a senior security engineering or architect role.
• Experience leading technical teams or acting as a technical lead on security initiatives.
• Certifications such as AZ-500, CISSP, CCSP, GIAC, or similar highly advantageous.
• Engineer-first mentality: solves security problems through systems thinking and automation.
• Strategic, yet pragmatic: balances best practice with business context.
• Proactive, communicative, and passionate about elevating security posture through innovation.
• MS Engineer & MS Data Scientist Associate.
• Ability to exercise independent judgment and act on it.

Benefits for our U.K. teams include:

• The choice to work flexibly from home and the office, in line with our hybrid working principles.
• Bonus linked to company and personal performance.
• Generous 28 days holiday allowance, plus public holidays.
• Annual leave purchase scheme.
• Five days paid Caregiver/Dependant leave per annum.
• Five paid days off per year for volunteering.
• Private healthcare, discounted dental insurance and health care cashback scheme.
• Opportunity to participate in the company share scheme.
• Access to a range of retail discounts and saving.

What we stand for: We’re committed to ensuring for our colleagues, candidates and communities, that all processes are equitable, and everyone is treated with fairness and dignity where everyone belongs, is valued and is connected. If you need any assistance or reasonable adjustments in submitting your application, please let us know, and we’ll be happy to help.