Cyber Security Engineer

The Vacancy

To strengthen the organisation's Detection and Response capability by providing threat hunting, incident investigation and malware analysis. This is a technical role for a high-calibre analyst ready to take a step up. The role works closely with the Senior Security Engineer to ensure that findings translate into durable remediation and improved operational security.

Key responsibilities

• Perform threat hunting using a suite of tooling and available telemetry from Microsoft and third-party security services.
• Investigate security incidents: triage, analysis, containment recommendations, and support to eradication and recovery.
• Conduct malware triage and analysis to determine impact, behaviour and required mitigations.
• Develop and tune detection logic and playbooks, in collaboration with the SOC service and wider Security team.
• Provide operational evidence and metrics to support Cyber Essentials Plus (annual) and customer audits.
• Support vulnerability and patch compliance activities by validating remediation and verifying closure.
• Contribute to Penetration testing response.
• Contribute to cyber communications: short briefings, lessons learned, and targeted awareness messaging.
• Support the maintenance of ITSM, and address Cyber related tickets.

Security services and tooling

• EDR/XDR, SIEM, Endpoint Device and application management
• Data governance and information protection.
• Firewalls, remote access (RAS), secure web gateway (SWG), SASE.
• SMTP security
• Vulnerability management.
• Patch distribution
• ITAM

Working relationships

• Senior Security Engineer: Tight technical pairing (detect → investigate → remediate → verify).
• InfoSec Lead: Provide operational evidence and support assurance narratives for audits/SAQs/Penetration test remediation.
• SOC service: Coordinate on alert quality, escalation, and detection improvements.

Essential experience and skills

• Degree in Cyber Security (or closely related discipline).
• 2-3 years' post-graduation experience in a commercial security role (SOC, IR, security operations, or similar).
• Strong analytical capability and curiosity; able to form hypotheses and test them against telemetry.
• Understanding of incident response lifecycle and basic forensic principles.
• Clear written and verbal communication, with the confidence to elevate and explain findings.
• Self-starter mindset suited to a hybrid/WFH environment.

Desirable

• Experience with SIEM/EDR tooling.
• Practical malware analysis experience (static or dynamic triage).
• Experience contributing to Cyber Essentials Plus evidence gathering or audit support.
• Motivation to develop a cyber security career through personal development and performance in threat hunting and incident response.

Personal attributes

• Technically rigorous with strong attention to detail.
• Comfortable working autonomously and prioritising without close supervision.
• Credible and professional; able to work directly with senior engineers and stakeholders.
• Collaborative: enjoys working in a paired model to drive root-cause fixes and improvement.

Security checks

Employment is subject to satisfactory references and appropriate security clearance checks commensurate with the role and customer requirements. Reference checks and security checks (where applicable) are required as part of the employment process.