About Teneo:
Teneo is the Global CEO Advisory firm. We partner with our clients globally to do great things for a better future. Drawing upon our global team and expansive network of Senior Advisors, we provide advisory services across our five business segments on a stand-alone or fully integrated basis to help our clients solve complex business challenges. Our clients include a significant number of the Fortune 100 and FTSE 100, as well as other corporations, financial institutions and organisations. Our full range of advisory services includes Strategic Communications, Investor Relations, Financial Transactions and Financial Advisory, Management Consulting, Physical and Cyber Risk, Organizational Design, Board and Executive Search, Geopolitics and Government Affairs, Corporate Governance, ESG and DE&I. The firm has more than 1800 employees located in 45 offices around the world.
Why Join Teneo's Security Team
At Teneo you'll be part of a committed security team helping protect a dynamic global consulting company. This role offers the opportunity to influence and shape our security posture, contribute to designing and building detection capabilities from the ground up, and work autonomously with support from experienced leadership.
The Role
Teneo seeks a skilled and self-sufficient Cybersecurity Engineer to join our security team. In this role you will focus primarily on detection engineering and blue-team operations: designing, writing and tuning detection / SIEM / XDR rules, responding to security alerts and incidents, and maintaining our security posture across cloud, network and endpoint environments. You will play a critical role in strengthening our defences, automating security processes and enabling IT and business teams to operate securely.
What You'll Do
- Design, develop and maintain detection logic and rules (SIEM / XDR / log-management) to identify suspected malicious activity, anomalies or policy violations across network, cloud, endpoint and identity systems.
- Configure, deploy and manage security tooling: SIEM / XDR platforms, log management, IDS/IPS/NDR, firewalls, endpoint protection, cloud-security tools and other security infrastructure.
- Triage and investigate alerts: perform log analysis, correlate events, determine real threats, and escalate or respond as needed.
- Perform vulnerability assessments, threat hunting, risk-based tuning of detection rules and threat modelling for identified CVEs / weaknesses.
- Participate in incident response: containment, mitigation, root-cause analysis, remediation, documentation, lessons learned and improvement of detection strategies.
- Automate security operations where possible: develop scripts or workflows (e.g. via Python, PowerShell, Bash, SOAR integrations) to streamline monitoring, alerting, incident handling and reporting.
- Collaborate with IT, DevOps and business stakeholders to embed security best practices into system and network architecture, cloud infrastructure and software deployments.
- Maintain and enforce security policies, standards, access controls and compliance frameworks (e.g. relevant regulatory or industry standards).
- Produce clear documentation, dashboards, reports and run-books for detection logic, incidents and ongoing security operations.
Basic Qualifications
- Several years (e.g. 4-7) of professional experience in cybersecurity engineering / operations, with hands-on experience in detection, SIEM/XDR, log management, incident response and security tool administration.
- Strong technical knowledge in network security, cloud security (e.g. AWS, Azure or similar), endpoint security, identity and access management (IAM), firewall/IDS/IPS and intrusion detection/prevention.
- Proven ability to author, tune and review detection rules / alerts / log-parsing logic, and to perform advanced log analysis and event correlation.
- Familiarity with scripting or automation (e.g. Python, PowerShell, Bash) for building detection logic, automating response or managing security tool configurations.
- Solid understanding of security frameworks, best practices and threat-detection methodologies.
- Strong analytical, problem-solving, communication and collaboration skills; able to work independently but also engage with IT/security stakeholders.
Preferred Qualifications
- Experience with cloud-native security environments and multi-cloud deployments.
- Familiarity with SOAR or security automation/orchestration platforms.
- Certifications such as CISSP, CISM, CEH or other relevant credentials.
- Prior experience in a blue-team / SOC / detection engineering / incident response role.
- Understanding of compliance, regulatory standards and risk management best practices.
#LI-Hybrid
Required Experience:
Senior IC