Cyber Security Engineer

Role Overview

We are seeking an experienced Cyber Security Engineer with a strong background in Microsoft technologies to join a dedicated and innovative IT team. In this key role, you will be responsible for designing, implementing, and maintaining robust cyber security measures to protect critical systems, networks, and data.

• Take ownership of the organisation's security infrastructure by designing, deploying, maintaining, and continuously improving cyber defense mechanisms.
• Implement and manage Microsoft security technologies such as Microsoft Defender for Endpoint, Microsoft Defender for Cloud, Azure AD Conditional Access, and Microsoft Sentinel.
• Serve as the technical lead for incident response and threat management, including logging, monitoring, investigation, and remediation activities.
• Strengthen identity and access management (IAM) through Azure AD, Multifactor Authentication (MFA), and Privileged Identity Management (PIM).
• Conduct vulnerability assessments, penetration tests, and regular security audits, identifying risks and implementing mitigation strategies.
• Develop and enforce security policies, guidelines, and standards across on‑premises and cloud environments.
• Monitor, analyse, and improve security posture using tools like Azure Security Center, SIEM solutions, and Log Analytics.
• Perform threat hunting activities to identify and neutralise vulnerabilities or risks before they lead to incidents.
• Implement endpoint protection strategies and systems, ensuring devices are properly secured and fully compliant.
• Lead security‑aware culture initiatives, including organising user training, phishing simulations, and facilitating awareness programmes.
• Advise and support stakeholders on project security requirements and contribute to secure designs at all system life‑cycle stages.
• Assist in compliance with industry standards and regulatory frameworks (e.g., ISO 27001, GDPR).
• Stay up‑to‑date with the latest security technologies, trends, and threats, and proactively apply best practices to strengthen security.

• Experience in cyber security roles (3+ years) with evidence of applied knowledge across Microsoft security platforms.
• Expertise with Microsoft 365 security tools, including Microsoft Defender for Endpoint, Identity, and Office 365.
• Microsoft Sentinel for incident handling and threat detection.
• Conditional Access and Identity Protection in Azure Active Directory.
• Azure Privileged Identity Management and role‑based access control (RBAC).
• Azure Key Vault and secure credential management.
• Proficiency in conducting vulnerability assessments, threat modelling, and risk analysis within cloud, hybrid, and on‑premises environments.
• Advanced knowledge of security principles, protocols, and procedures, including Zero Trust models and secure network design.
• Hands‑on experience in responding to real‑world cyber threats and understanding mitigation approaches to protect against malware, ransomware, phishing, and advanced persistent threats (APTs).
• Scripting and automation skills for managing and automating repetitive tasks (e.g., Power Shell, Python).
• Understanding of infrastructure as code (IaC) tools, cloud automation, and secure build pipelines for Dev Ops settings.
• Practical experience with firewalls, endpoint protection systems, intrusion detection/prevention systems (IDS/IPS), and other security appliances.
• Comprehensive understanding of compliance frameworks such as ISO 27001, NIST, or GDPR.
• Proven ability to identify, analyse, resolve, and communicate technical security issues effectively to diverse stakeholders.
• Strong analytical and problem‑solving skills to deal with complex incidents and ambiguous technical challenges.

• Microsoft Certified:
  Cyber Security Architect Expert
• Microsoft Certified:
  Security Operations Analyst Associate
• Microsoft Certified:
  Identity and Access Administrator Associate
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• Certified Information Security Manager (CISM)
• GIAC Certifications (e.g., GSEC, GCIA, GCIH)

Mid‑Senior level

Full‑time

Information Technology

IT Services and IT Consulting, IT System Operations and Maintenance, and Computer and Network Security

London, England, United Kingdom