Cyber Security Engineer

A bit about the role

This role will be key to our approach to Cyber Defence at Allwyn, managing the toolsets, processes and capabilities required to effectively deliver a world class security operations Centre. Responsibilities will include managing the security engineering toolset, developing and maintaining the technology and capabilities deployed, supporting and advancing the operational security capabilities of the Cyber Security Team, working on new Security Projects, and providing an advisory role to other elements of the business on best practice.

The role will require establishing relationships with key stakeholders in Risk, Technology and Operations, and establishing yourself as a SME for cyber security within the organisation.

Run advanced and predictive analyses and perform assessments based on the Mitre ATT&CK framework. Validate, enhance and use predictive analytics software tools, correlate testing activities to ensure quality of use cases, and monitor using multiple SIEM technologies to keep the SOC threat‑led. Gather forensic data and physical equipment for investigations when necessary, act as incident responder for identified incidents and lead the incident response when required.

Provide guidance and training on analysing data trends for security use cases, improve data and analytics systems, contribute to continuous refinement of the data and analytics security strategy, conduct regular security assessments, perform risk analysis, analyse breaches to find root causes, and generate reports for IT administrators, business managers and security leaders. Perform forensic analysis and gather evidence for correlation monitoring using multiple SIEM technologies.

Create artificial intelligence algorithms that identify patterns or indicators of compromise in security logs to defend the environment. Ensure proactive development of new machine‑learning activities aligns with identified threats, leveraging extensive threat‑landscape knowledge.

Design, implement and maintain security controls for AWS and Azure, including Azure AIP, Defender, Azure AD, key vaults, log shipping, AWS Guard Duty, Security Hub, Trusted Advisor, Config, Cloud Trail, Cloud Watch, Inspector, etc. Serve as subject‑matter expert on all Azure security tooling and implement required security measures such as firewalls or message encryption.

Work independently, providing guidance and training to others on planning, organising, prioritising and managing activities to efficiently meet business objectives. Lead updates to Protective Monitoring/SOC documentation, processes and procedures, ensuring consistency.

• Ability to work under pressure
• 1‑3 years' experience in a similar role
• In‑depth understanding of the cyber threat landscape and advanced adversary tactics
• Expert knowledge of Linux, Windows, Azure, AWS, Sentinel, Palo Alto and Cyber Ark
• Threat Modelling and Mitre ATT&CK experience
• In‑depth knowledge of a scripting language, preferably Python

• Previous experience in a similar role
• Relevant cloud experience

• Company Bonus Scheme
• Matched pension contributions up to 8.5%
• 26 days annual leave + 2 Life Days (and bank holidays)
• Single Private Health Cover
• Complimentary Private Medical
• Income Protection
• Flexible Benefits – EV Scheme, Money Coach, Will Writing, Mortgage Advice, Dental and Eye Care Schemes
• Enhanced Family Leave (Maternity, Paternity, Adoption)
• Wellness Allowance £500
• Employee Assistance Programme
• Discounted Health Assessments
• Volunteering Days
• Matched Funding