IT Security Operations Engineer

Key Responsibilities

• Follow-up on security events for on-prem cloud and hybrid infrastructures from SIEM platforms EDR/AV solutions Microsoft 365 security portals and other security tools and investigate potential threats conduct root cause analysis and take remediation action.
• Continuously monitor CVE databases and threat intelligence sources for newly identified vulnerabilities and lead the implementation of appropriate security fixes and improvements which may include patching configuration changes or architectural adjustments.
• Respond to and contain security events and incidents in accordance with ITIL-aligned management. processes. Escalate critical incidents as appropriate and support detailed post-incident reviews.
• Assist with developing and maintaining supporting documentation and standard operating procedures.
  
  

• Manage and optimise Microsoft 365 security configurations across Microsoft Defender for Endpoint Microsoft Defender for Office 365 Defender for Identity / Entra ID security features.
• Oversee Conditional Access MFA identity protection and device compliance policies.
• Review and improve Microsoft Secure Score compliance dashboards and cloud security posture.
• Support identity and access management activities within Entra ID.

• Track all open vulnerabilities and their remediation status to closure.
• Assist with system and endpoint hardening across the on-prem and cloud estates.
• Assist with patch compliance oversight and security baseline enforcement.

• Support compliance initiatives (ISO27001 GDPR or other relevant standards).
• Maintain and improve security policies standards guidelines and SOPs.
• Provide evidence for audits and assist with risk assessments.
• Contribute to security awareness and improvement initiatives.

• Operate within ITIL processes including Incident Problem Change and Request Management.
• Produce high-quality documentation including runbooks procedures knowledge articles.
• Participate in change review processes (CAB) for security-related changes and deployments.
• Contribute to Continual Service Improvement for cyber operations and M365 security services.

• Collaborate with network teams to secure firewalls VPNs proxies and network segmentation.
• Support configuration reviews for network security appliances and routing policies.
• Analyse network-based incidents (e.g. suspicious lateral movement abnormal traffic patterns).

Skills Knowledge and Expertise

• Bachelors degree in computer science Information Technology or related field.
• At least 5 years in cybersecurity engineering or operations (regulated industry referred).
• Hands-on experience with SIEM EDR/XDR vulnerability management and cloud security (M365/Azure).
• Certifications (Highly desirable):
  CISSP CISM CEH or similar
  Microsoft SC-200 SC-300 SC-400 AZ-500 MS-102
  ITIL Foundation or similar service management awareness.
  Proficiency in scripting (PowerShell Python) for automation.

• Strong experience with Microsoft 365 security products and technologies (Defender suite Conditional Access MFA Entra ID).
• Experience with EDR/AV identity security and threat detection methodologies.
• Practical experience using of SIEM platforms.
• Ability to create or modify PowerShell scripts or similar automation tools.
• Experience with vulnerability management tools and patching workflows.
• Solid understanding of network security concepts including firewalls VPNs IDS/IPS proxies DNS and TCP/IP.
• Knowledge of ITIL processes (Incident Problem Change Management) PowerShell scripting proficiency for automation tasks a plus.

• Demonstrated critical thinking troubleshooting and problem-solving skills to complex technical problems.
• Excellent interpersonal written and verbal communication skills in English to both technical and business audiences (individual or group).
• Strong customer service mindset.
• High-quality documentation skills and process-oriented approach.
• Ability to complete assignments with minimal direction.
• Ability to work independently and as part of a team.
• Strong attention to detail and a methodical approach.

• Collaborative mindset and who can work independently or more often as part of a diverse team and group of internal and external stakeholders.
• Exceptional aptitude for dealing with ambiguity unexpected emergencies frequent interruptions and competing deadlines (must be able to work overtime and weekends when necessary).
• Proactive flexible and adaptable disposition with a willingness to work hands-on demonstrating attention to detail and the ability to take ownership of individual and teams work.
• Innate curiosity and willingness to learn and evolving technology environment on an ongoing basis: develops knowledge base and skill set beyond that called for by immediate tasks and continually push the knowledge envelope.
• A continuous improvement mindset continually critically evaluating results to drive improvements of processes and / or methods and/or underlying technology direction.

Benefits

• Discretionary annual bonus scheme
• 25 days annual leave
• Flexible working policy
• Immediate pension scheme
• TaxSaver and Bike to Work scheme
• Professional membership fees
• Full gym and wellness programme