Cyber Operations Engineer

Endava is seeking an experienced Cyber Operations Engineer to support the operational effectiveness governance and continuous improvement of enterprise cyber security tooling and control implementations.

This role focuses on ensuring that security platforms and controls are correctly configured optimised and delivering effective protection across enterprise environments including endpoints identity platforms cloud services email systems and network infrastructure.

Working closely with Security Operations (SOC) Cyber Engineering Threat Intelligence and IT Operations teams the Cyber Operations Engineer acts as a key link between security design and operational execution. The role translates threat intelligence insights attack patterns and incident learnings into actionable improvements to security tooling detection capabilities and preventative controls.

The successful candidate will contribute to strengthening security posture by improving configuration management reducing operational friction in cyber tooling and enabling scalable automated security control management.

Responsibilities:

• Maintain and continuously improve the configuration performance and effectiveness of enterprise security tools and platforms.
• Ensure cyber security controls across endpoint identity cloud email and network environments are operating as designed and aligned with security standards.
• Identify opportunities to automate configuration management and control deployment to reduce manual effort and operational risk.
• Partner with SOC teams to improve detection coverage alert fidelity and operational response capabilities.
• Reduce false positives and improve signal quality across detection and monitoring platforms.
• Collaborate with Threat Intelligence Threat Hunting Vulnerability Management and Cyber Engineering teams to identify security tooling gaps and control weaknesses.
• Design and implement preventive and detective control improvements based on incident trends and emerging attack techniques.
• Support governance and oversight of security tooling by ensuring configurations align with approved security policies and standards.
• Maintain documentation of control configurations operational procedures and security tooling intent.

Qualifications :

Experience:

• 8 years of experience in cybersecurity or IT infrastructure roles with at least 4 years in security engineering security operations or cyber tooling management.
• Hands-on experience configuring and improving enterprise-scale security platforms.
• Experience working closely with Security Operations Centres (SOC) and IT infrastructure or cloud operations teams.
• Demonstrated experience improving detection capability and operational response through tooling configuration and tuning.
• Experience translating threat intelligence and incident learnings into practical security control improvements.
• Experience supporting enterprise security tooling implementations and operational transitions.
• Industry certifications such as CISSP GCIH Security or relevant cloud security certifications are advantageous.

Technical Skills:

• Hands-on experience with modern enterprise security platforms such as:
  • CrowdStrike (EDR/XDR)
  • Microsoft Purview / Microsoft Security stack
  • Palo Alto security technologies
  • SIEM or detection platforms
• Experience across multiple security domains including:
  • Endpoint detection and response (EDR/MDR)
  • Email security controls
  • Identity and access security
  • Cloud security controls and native cloud security services
  • Network and application security tooling
• Strong understanding of modern attack techniques and how enterprise security controls fail in real-world environments.
• Experience with configuration management change control processes and operational governance frameworks.
• Ability to tune detection logic policies and platform configurations to improve protection and operational efficiency.
• Familiarity with security monitoring incident response workflows and SOC operations.
• Understanding of automation scripting or infrastructure-as-code approaches for security configuration management is desirable.

Additional Information :

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package share plan company performance bonuses value-based recognition awards referral bonus;   
• Career Development: Career coaching global career opportunities non-linear career paths internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects rotations internal tech communities training certifications coaching online learning platforms subscriptions pass-it-on sessions workshops conferences;
• Work-Life Balance: Hybrid work and flexible working hours employee assistance programme;
• Health: Global internal wellbeing programme access to wellbeing apps;
• Community: Global internal tech communities hobby clubs and interest groups inclusion and diversity programmes events and celebrations.

At Endava were committed to creating an open inclusive and respectful environment where everyone feels safe valued and empowered to be their best. We welcome applications from people of all backgrounds experiences and perspectivesbecause we know that inclusive teams help us deliver smarter more innovative solutions for our customers. Hiring decisions are based on merit skills qualifications and potential. If you need adjustments or support during the recruitment process please let us know.

Remote Work :

No

Employment Type :

Full-time