Salary: £43,000 - 83,000 per year

Requirements:
We are looking for two hands-on Cyber Security Engineers who are located near the Kent area and can travel into the office 5 days a week.
We need experience in a Cyber Security Engineer, SOC Analyst, or similar security-focused role.
We need hands-on experience with Microsoft Defender for Endpoint and/or Microsoft 365 Defender.
We need experience using Rapid7 SIEM or a comparable SIEM platform for monitoring and investigations.
We need experience managing or supporting Sophos Antivirus or similar endpoint protection solutions.
We need a strong understanding of cyber threats, attack vectors, and incident response methodologies.
We need the ability to analyse logs, alerts, and endpoint activity to determine impact, scope, and root cause.
We need a good understanding of Windows environments and core networking concepts.
We need strong documentation, reporting, and communication skills.
We need practical experience with security tools such as IDS/IPS, Metasploit, Nexpose, Nmap, Nessus, Wireshark, L0phtCrack, John the Ripper, or similar technologies.
We need familiarity with security frameworks and standards including ISO 27001 and the NIST Cybersecurity Framework.

Responsibilities:
We monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus.
We investigate cyber security incidents including malware infections, phishing attacks, identity compromise, and unauthorised access attempts.
We conduct incident triage, root cause analysis, containment, remediation, and recovery activities.
We lead or support incident response activities in line with our internal procedures and security standards.
We escalate major incidents appropriately and provide timely updates to stakeholders.
We identify emerging threats, vulnerabilities, and attack trends relevant to our organisation.
We tune and optimise security tooling to improve detection capability and reduce false positives.
We implement and maintain endpoint protection controls and security policies.
We support vulnerability management processes, including remediation planning and risk tracking.
We maintain and enhance security monitoring rules, alerts, dashboards, and reporting.
We contribute to the development of incident response playbooks and operational runbooks.
We support security audits, compliance initiatives, and risk assessments.
We help drive continuous improvement in our overall cyber security maturity.
We work closely with IT, infrastructure, and service desk teams to resolve security-related issues.
We produce clear and concise technical and non-technical incident reports.
We identify phishing trends and risky user behaviours, supporting security awareness activities.
We assist with security projects and the implementation of new technologies.

Technologies: Cloud Support Microsoft 365 Security Windows Office 365

More:
We are a supportive and collaborative organisation looking to strengthen our cyber defence operations with two hands-on Cyber Security Engineers. This operational security role offers the chance to make a direct impact on our cyber resilience while working daily with Microsoft Defender for O365, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. The role is based near the Kent area with an office-first working pattern of 5 days a week in the office, Monday to Friday, with flexible start times between 7:30am and 9:30am. Following a successful training period, hybrid working is available with up to one day per week working from home. We offer ongoing opportunities to develop technical expertise and progress your career within cyber security.

Last updated: week 21 of 2026