Cyber Security Engineer

To strengthen the organisation’s Detection and Response capability by providing threat hunting, incident investigation and malware analysis. This is a technical role for a high‑calibre analyst ready to take a step up. The role works closely with the Senior Security Engineer to ensure that findings translate into durable remediation and improved operational security.

Key Responsibilities

• Perform threat hunting using a suite of tooling and available telemetry from Microsoft and third‑party security services.
• Investigate security incidents: triage, analysis, containment recommendations, and support to eradication and recovery.
• Conduct malware triage and analysis to determine impact, behaviour and required mitigations.
• Develop and tune detection logic and playbooks, in collaboration with the SOC service and wider Security team.
• Provide operational evidence and metrics to support Cyber Essentials Plus (annual) and customer audits.
• Support vulnerability and patch compliance activities by validating remediation and verifying closure.
• Contribute to Penetration testing response.
• Contribute to cyber communications: short briefings, lessons learned, and targeted awareness messaging.
• Support the maintenance of ITSM, and address Cyber related tickets.

Security services and tooling

• EDR/XDR, SIEM, Endpoint Device and application management
• Data governance and information protection.
• Firewalls, remote access (RAS), secure web gateway (SWG), SASE.
• SMTP security
• Vulnerability management.
• Patch distribution
• ITAM

Working relationships

• Senior Security Engineer: Tight technical pairing (detect > investigate > remediate > verify).
• InfoSec Lead: Provide operational evidence and support assurance narratives for audits/SAQs/Penetration test remediation.
• SOC service: Coordinate on alert quality, escalation, and detection improvements.

Essential Experience And Skills

• Degree in Cyber Security (or closely related discipline).
• 2–3 years’ post‑graduation experience in a commercial security role (SOC, IR, security operations, or similar).
• Strong analytical capability and curiosity; able to form hypotheses and test them against telemetry.
• Understanding of incident response lifecycle and basic forensic principles.
• Clear written and verbal communication, with the confidence to elevate and explain findings.
• Self‑starter mindset suited to a hybrid/WFH environment.

Desirable

• Experience with SIEM/EDR tooling.
• Practical malware analysis experience (static or dynamic triage).
• Experience contributing to Cyber Essentials Plus evidence gathering or audit support.
• Motivation to develop a cyber security career through personal development and performance in threat hunting and incident response.

Personal attributes

• Technically rigorous with strong attention to detail.
• Comfortable working autonomously and prioritising without close supervision.
• Credible and professional; able to work directly with senior engineers and stakeholders.
• Collaborative: enjoys working in a paired model to drive root‑cause fixes and improvement.

Employment is subject to satisfactory references and appropriate security clearance checks commensurate with the role and customer requirements.

#J-18808-Ljbffr…