Cyber Security Engineer

What We're All About

Do you ever have the urge to do things better than the last time? We do. And it's this urge that drives us every day. Our environment of discovery and innovation means we're able to create deep and valuable relationships with our clients to create real change for them and their industries. It's what got us here - and it's what will make our future.

At Quantexa, you'll experience autonomy and support in equal measures allowing you to form a career that matches your ambitions. 41% of our colleagues come from an ethnic or religious minority background. We speak over 20 languages across our 50+ nationalities, creating a sense of belonging for all.

The Cyber Security Engineer is a very hands‑on operational role within the Security Operations team, playing a key part in protecting Quantexa. The role is responsible for the day‑to‑day operation, optimisation, and monitoring of core security platforms, with a particular focus on Zscaler, Cloud monitoring through Wiz and Endpoint Detection and Response through Crowd Strike.

Working closely with the wider Security Operations, you will ensure that security alerts, findings, and detections are promptly triaged, accurately validated, logged and effectively remediated. The role contributes directly to improving Quantexa's security posture by reducing risk, strengthening detection capability, and supporting timely response to security events.

This position is well suited to a very technical, curious and observant practitioner who enjoys working inside key security tooling, values disciplined execution and can operate confidently within established processes while identifying opportunities for continuous improvement.

• Monitor and triage Wiz findings daily, validating alerts and determining operational impact.
• Perform tuning and threat hunting within Wiz and other tooling.
• Identify misconfigurations, excessive permissions, and exposed assets, escalating where required.
• Track remediation progress with engineering owners and ensure closure of high‑priority issues.

• Review and triage Zscaler alerts and policy violations, following documented response procedures.
• Investigate suspicious traffic, access attempts, and user activity to determine legitimacy and risk.
• Support enforcement actions by validating policy alignment and working with IT and Cloud teams to remediate issues.
• Monitor coverage and configuration across users and locations, identifying gaps or misconfigurations.
• Support policy tuning by analysing false positives and recommending rule or policy adjustments.
• Contribute to playbook development, operational maturity, and ongoing service readiness.

• Review and triage endpoint detections, applying documented response steps.
• Execute containment actions, including network isolation and sensor troubleshooting.
• Validate full sensor coverage across the estate and address gaps in coordination with IT.
• Support tuning activities by analysing false positives and proposing rule refinements.
• Contribute to playbook improvements and operational readiness tasks.

• Conduct initial investigation of security incidents, collect evidence, and elevate based on severity with a keen eye on the quality of the output.
• Perform daily review of alerts across our SIEM, Wiz, Crowd Strike, and other platforms.
• Validate vulnerabilities and configuration weaknesses raised by scanning tools.
• Interpret and ope rationalise threat intelligence, understand how it informs detection, prioritisation, and response activities, and clearly communicate technical threat intelligence to non‑technical stakeholders.
• Support cloud security controls, identity hygiene checks, and network policy reviews.
• Contribute to the ongoing maturity and documentation of operational processes.

• Act as a trusted operational partner to the Cyber Security Manager and the wider Information Security team, providing proactive support and consistent engagement.
• Partner closely with Dev Ops, IT, and Engineering teams to…