Full-Time Cyber Security Engineer

Detection Team Engineer (Cyber Security)

We are seeking a Cyber Security Engineer to join our InfoSec Detection Team in the UK. You will report to the Detection Team Lead and provide security guidance, threat hunting, incident response, and enforce security best practices.

Key Responsibilities:

1. Collaborate with the Detection Team, Response Team, and Architects to investigate areas of interest identified through reporting mechanisms (XDR, SIEM, Proxy solutions, Email Threat platform, ADCs, Vulnerability Scanning Solutions, Security Bulletins).
2. Monitor and investigate security events and alerts, prioritizing risk and remediating operational security risks.
3. Support investigations and incident response as directed.
4. Learn and contribute to the maintenance and development of our Privileged Access Management (PAM) platform (requires XML, Python, RegEx knowledge).
5. Work with Security Architects to deliver new security capabilities and ensure compliance.
6. Familiarize yourself with ITIL processes (change, problem, and incident management).
7. Maintain NCSC's Cyber Security Essentials Plus accreditation.

Essential Skills and Experience:

• Strong understanding of Windows Client/Server and Hypervisor technologies (ESXI, Hyper-V, Virtual Box)
• Practical operation of SIEM/XDR solutions
• Understanding of the attack chain, advanced persistent threats, and the evolving threat landscape
• Basic networking fundamentals (DNS, DHCP, routing, firewall rules)
• Basic Unix/Linux knowledge
• Public cloud awareness (and practical knowledge preferred)
• Security clearance to MOD SC and Non-Police Personnel Vetting Level 3 (NPPV)
• Demonstrable IT experience with strong security concepts/fundamentals.

Desirable Skills:

• Basic Static/Dynamic Malware Analysis skills (using tools such as Sysinternals, PEStudio, CyberChef, API Monitor, NodeJS, Powershell IDE, UPX, Wireshark, BurpSuite)
• Trend Micro suite of applications
• Nessus/Vulnerability scanning software
• PAM solution management
• Understanding of ITIL framework, CE+ and UK government cyber security guidance
• Previous SOC or Security Team experience

Pre-employment and Employment Requirements:

• Baseline Standard and Disclosure Scotland (BPSS)
• Security Clearance

What is the last date for applying to the job?

Which countries are accepted for this remote job?