Cyber Security Engineer

Mecca Brands, Richmond, VA

About The Position

We’re looking for a mid-level Cyber Security Engineer to join Mecca Brands and help uplift and mature our enterprise security capability. This is a hands-on role suited to a well-rounded engineer who enjoys building, integrating, tuning and optimising security controls across endpoint, identity, cloud and data protection, primarily within a Microsoft technology environment in large, complex organisations.

The Role You Could Play

You’ll play a key role in strengthening our security posture by:

  • Owning and maintaining security configurations and policies across the Microsoft Defender suite
  • Managing and optimising Defender for Cloud posture and recommendations in alignment with business risk priorities
  • Administering and improving endpoint security controls via Intune, including antivirus configuration and Attack Surface Reduction (ASR) policies
  • Supporting and enhancing data protection capabilities using Microsoft Purview (e.g., DLP and Information Protection features as in scope)
  • Working closely with our external SOC/MDR provider to ensure detection coverage is effective, investigations are high quality, and remediation actions are appropriate and completed
  • Collaborating with the SOC to review alerts, validate investigation outcomes and improve detection tuning and response workflows (including within Microsoft Sentinel)
  • Supporting threat hunting and detection improvement activities by leveraging KQL and security telemetry to validate findings and challenge or refine SOC-led investigations where required
  • Assisting with incident response coordination, root cause support and tracking remediation actions through to closure
  • Partnering with engineering and application teams to embed secure-by-design principles
  • Producing clear documentation, runbooks and structured incident or control reporting

Requirements

  • 3–5+ years’ experience in security engineering and/or security operations environments
  • Hands-on experience implementing and maintaining security controls in Microsoft-centric environments
  • Enterprise experience with endpoint security controls, ideally including Intune (AV configuration and ASR rules)
  • Exposure to cloud security posture management concepts (Defender for Cloud experience advantageous)
  • Working knowledge of SIEM/SOAR concepts and collaboration with SOC teams (Sentinel experience beneficial)
  • Ability to review SOC investigations and outputs and ensure remediation actions are appropriate and effective
  • Strong written and verbal communication skills, able to explain security issues to both technical and business stakeholders
  • Strong documentation skills (runbooks, technical notes, incident summaries)

Nice To Haves

  • Experience with CSPM tools
  • Exposure to Microsoft Purview capabilities beyond core DLP/Information Protection
  • Basic scripting or automation experience (PowerShell/Python)
  • Familiarity with Zero Trust principles and identity security concepts
  • Exposure to AI practices in multi-layered organisations/environments will be highly regarded

Benefits

  • Professional development programs and first-class digitised learning offering
  • Health and well-being initiatives
  • Reward and recognition programs
  • Access to bonus and incentive programs
  • Access to quarterly product allowance
  • Generous discount to spoil yourself and your immediate family, as well as a generous product allowance, subject to company policy

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

501-1,000 employees
