Senior Cybersecurity Engineer

Short Description

This Cybersecurity Engineer role is focused on building centralised visibility improving detection and response.

Bullet Points:

• Location: United Kingdom
• Salary: Euro neg 2 x annual bonusses benefits
• Experience: 5 years in cybersecurity or security engineering.

About the Role

An established international organisation is seeking a handson Senior Cybersecurity Engineer to strengthen and mature its security capabilities across cloud identity and operational environments.

You will work across Cloudflare Microsoft 365 endpoint and infrastructure security and will play a key role in integrating with an external SOC provider. As the security function grows this position offers a clear progression path toward Cybersecurity Architect or Security Lead.

What Youll Do

Security Monitoring & Detection

• Design and implement centralised security monitoring (SIEM or equivalent).
• Prepare systems and environments for managed SOC integration.
• Manage Cloudflare security (WAF bot protection traffic analysis).
• Strengthen Microsoft 365 visibility (identity email audit logs).
• Develop and refine detection use cases to improve alert quality.

Managed SOC Integration

• Act as the primary technical contact for the managed SOC provider.
• Support onboarding log ingestion tuning and usecase development.
• Validate SOC alerts incidents and reporting outputs.
• Continuously improve detection fidelity and reduce false positives.

Cloudflare Security

• Optimise WAF rules bot protection and traffic filtering.
• Manage DDoS protection and ratelimiting policies.
• Analyse traffic patterns to identify threats and anomalies.

Microsoft 365 Security & Identity

• Strengthen Entra ID security (identity protection conditional access).
• Enhance email security and antiphishing controls.
• Improve audit logging monitoring and investigation workflows.
• Support investigations into user activity and account compromise.

Incident Response & Operational Security

• Establish internal incident response processes aligned with SOC workflows.
• Define runbooks escalation paths and operational responsibilities.
• Support investigations and postincident reviews.

Vulnerability Management & Security Testing

• Implement vulnerability scanning across infrastructure and endpoints.
• Integrate security scanning into CI/CD pipelines.
• Drive remediation efforts and track risk reduction.

Security Engineering & Architecture

• Improve security controls across cloud onprem and hybrid environments.
• Embed security into both online and landbased operational environments.
• Support secure design and architecture reviews.

Risk & Compliance

• Support implementation of controls aligned with DORA ISO 27001 and similar frameworks.
• Contribute to risk identification and mitigation.
• Assist with audit readiness and evidence collection.

Stakeholder Engagement

• Build strong relationships with business and IT teams.
• Improve awareness of security risks and responsibilities.
• Act as an internal security point of contact alongside the SOC provider.

What You Bring

• 5 years in cybersecurity or security engineering.
• Handson experience with:
  • SIEM/log management
  • Cloudflare (WAF bot protection traffic filtering)
  • Microsoft 365 security (Entra ID Defender audit logs)
  • Endpoint protection
• Experience working with or integrating managed SOC services (preferred).
• Strong troubleshooting debugging and threathunting skills.
• Ability to operate across distributed complex environments.

Nice to Have

• Experience with the Palo Alto security ecosystem.
• Experience onboarding logs into SOC/SIEM platforms.
• Familiarity with DORA ISO 27001 NIST CSF or PCIDSS.
• Experience securing CI/CD pipelines.

What Success Looks Like (6-12 Months)

• Centralised visibility established and SOCready.
• Managed SOC successfully onboarded and tuned.
• Highquality detection use cases implemented (low noise high signal).
• Cloudflare and Microsoft 365 security posture significantly improved.
• Incident response aligned with SOC workflows.
• Vulnerability management process fully operational. Clear progress toward DORA and audit readiness.