×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Security Engineer

Remote / Online - Candidates ideally in
Cardiff, Cardiff City Area, CF10, Wales, UK
Listing for: Rocket-Science-Group
Remote/Work from Home position
Listed on 2026-05-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 GBP Yearly GBP 100000.00 125000.00 YEAR
Job Description & How to Apply Below

Please note that this is a hybrid position based in Cardiff, requiring 3 days onsite each week, with the option for remote work on the remaining days.

The Rocket Science Group specialises in multiplayer, co-development, platform services, publishing technology, and live operations for console, PC and mobile titles. We have studio teams in Europe and North America and work in partnership with the game industry’s top creators.

ABOUT

THE ROLE

We are looking for a talented and driven senior Security Engineer. You will take ownership of security audits, compliance activities, and day-to-day operational security tasks across our environment. You will work closely with engineering, IT, and business stakeholders to advise on, protect and ensure security for our systems, data, and customers.

This is a broad, high‑impact role suited to someone who is comfortable moving between hands‑on technical work, senior level advising and structured compliance activities. Equally comfortable reviewing SIEM alerts and preparing evidence for an ISO 27001 audit.

KEY RESPONSIBILITIES COMPLIANCE & AUDITS
  • Lead and support internal and external security audits, including ISO 27001, SOC 2 Type II, and GDPR-related assessments.
  • Maintain and evolve the Information Security Management System (ISMS), including policies, procedures, and risk registers.
  • Coordinate with external auditors and manage the evidence collection process.
  • Track audit findings and remediation activities through to closure, providing regular status updates to stakeholders.
  • Support Data Protection Impact Assessments (DPIAs) and ensure ongoing GDPR compliance across business processes.
  • Assist in third‑party vendor security assessments and due diligence reviews.
CLOUD SECURITY
  • Monitor and improve security posture across cloud environments (AWS, Azure, or GCP), including IAM, network controls, and storage security.
  • Implement and maintain Cloud Security Posture Management (CSPM) tooling and review findings.
  • Contribute to secure architecture reviews for new cloud services and infrastructure changes.
  • Ensure cloud configurations align with CIS Benchmarks and internal security standards.
  • Collaborate with Dev Ops and engineering teams to embed security into CI/CD pipelines (Dev Sec Ops ).
PENETRATION TESTING
  • Scope, coordinate, and manage internal and external penetration tests with third‑party providers.
  • Conduct vulnerability assessments and targeted internal testing on applications, networks, and infrastructure.
  • Review pentest reports, triage findings, and work with engineering teams to drive timely remediation.
  • Maintain a vulnerability management programme, including patching SLAs and risk acceptance processes.
  • Stay current on emerging threats, CVEs, and attack techniques relevant to the company's environment.
SECURITY OPERATIONS (SOC / SIEM)
  • Implement, operate and tune SIEM tooling (e.g. Splunk, Microsoft Sentinel, or similar) to detect threats and reduce false positives.
  • Identify, triage and investigate security alerts, leading incident response activities where required.
  • Develop and refine detection rules, playbooks, and response procedures.
  • Perform log analysis and threat hunting across endpoint, network, and cloud telemetry.
  • Maintain and test the Incident Response Plan (IRP), including tabletop exercises.
GENERAL SECURITY
  • Act as a point of contact for security queries from internal teams and promote a security‑aware culture.
  • Guide, contribute and disseminate security awareness training and phishing simulation programmes.
  • Produce regular reporting on security metrics and KPIs, making recommendations and managing remedial actions.
  • Understand, develop and support the security aspects of business continuity and disaster recovery planning.
REQUIREMENTS ESSENTIAL
  • Min 4–5 years of experience in an information security, security engineering or similar role.
  • Demonstrable experience with at least two of the following frameworks: ISO 27001, SOC 2, GDPR, Cyber Essentials Plus, or NIST CSF.
  • Hands‑on experience with cloud security in AWS, Azure or GCP.
  • Working knowledge of SIEM platforms and security alert triage.
  • Experience scoping and managing penetration tests and remediating findings.
  • Solid…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search