Information Security Engineer

Department: IT Operations

Location: Birmingham

Description

Title: Information Security Engineer

Discipline: IT

Location: Birmingham (With Hybrid Working)

At RLB, we live by four simple ideas:
Truth, Trust, Together, Tomorrow. Four values that live at the heart of RLB. A place where People Make Progress.

We value your skills, talents and unique perspectives – we think they are priceless.

Bring them to RLB and you’ll be empowered to shape our future and your career in new and meaningful ways.

We’ll give you opportunities to work on some of the most ambitious and exciting projects currently being designed and developed in the built environment sector.

You’ll continue to learn and advance as everyone who works for us is provided with a tailored training programme. Our mentoring and reverse mentoring schemes will enable you to share your expertise while gaining fresh insights.

What makes RLB unique is our inclusive culture. As an independent, employee-owned business, teamwork and collaboration lies at the heart of everything we do. Hybrid and flexible working arrangements and family-friendly policies are just some of the ways we invest in employee wellbeing.

Join us and you will thrive personally as well as professionally.

The Information Security Engineer will work closely with the Head of Security and Infrastructure, as well as the wider IT and Governance teams, to ensure the ongoing protection of RLB’s IT environments.

This is a critical role responsible for protecting infrastructure, cloud, software, and data against unauthorised use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions.

An ideal candidate for this role is dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously across diverse topics.

• Management of day-to-day security operations and act as the primary contact for the third-party SOC.
• Analyse and interpret logs, alerts, and threat data to identify potential security incidents.
• Ensure security alerts and incidents are managed and remediated.
• Ensure security tooling is correctly configured, operational, and fully utilised.
• Threat Detection, Incident Response & Vulnerability Management.
• Support or lead security incident investigations, including root cause analysis and remediation.
• Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated.
• Oversee third party penetration tests, manage remediation plans, and maintain strong vendor relationships.

• Work with Microsoft security technologies such as Microsoft Purview, Defender, M365, Entra , and Azure security tools, email security solutions and endpoint protection solutions.
• Oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges.
• Apply technical expertise to support improvements to security configuration, identity management, and endpoint security.
• Support internal teams when changes to systems may impact SOC monitoring or defensive controls.

• Help ensure alignment with standards such as Cyber Essentials Plus, NIST 800-171, ISO 27001, and UK GDPR.
• Carry out security audits and respond to DSAR requests
• Assist with internal/external audits and maintain documentation to demonstrate compliance with RLB’s security requirements.
• Assist with the completion of supply-chain risk assessments
• Provide support for the secure onboarding of software, ensuring adherence to data security protocols, software development best practices, and all relevant requirements.

• Develop and support awareness initiatives, phishing simulations, and internal training.
• Stay ahead of new threats and emerging technologies, recommending ongoing improvements.
• Promote best practice security behaviours.

• Certifications such as CEH, CISSP, Security+
• Relevant Microsoft certifications (SC-900, SC-200, AZ-140)
• Ability to obtain Security Clearance…