Salary: £60,000 - 60,000 per year

Requirements: We are looking for experience in a Cyber Security Engineer, SOC Analyst, or similar security-focused role. We require hands-on experience with Microsoft Defender, including Endpoint and/or O365 security. We require experience using Rapid7 SIEM or a comparable SIEM platform for alerting and investigations. We require experience managing or supporting Sophos Antivirus or other endpoint protection solutions. We need a strong understanding of common cyber threats, attack vectors, and incident response processes. We need the ability to analyse logs, alerts, and endpoint activity to determine scope, impact, and root cause. We require good working knowledge of Windows environments and basic networking concepts. We need strong documentation, reporting, and communication skills. Practical experience with security tools such as IDS/IPS, Metasploit, Nexpose, Nmap, Nessus, Wireshark, L0phtCrack, John the Ripper, or similar is required. Familiarity with recognised information security frameworks such as ISO 27001 and the NIST Cybersecurity Framework is required.

Responsibilities: We actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. We investigate suspected cyber attacks including malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. We perform triage, root cause analysis, containment, and remediation of security incidents. We lead or support incident response activities in line with our internal policies and procedures. We escalate significant incidents appropriately and provide clear, timely updates to stakeholders. We proactively identify emerging threats, vulnerabilities, and attack patterns affecting our organisation. We tune and optimise security tools to reduce false positives and improve detection accuracy. We implement, manage, and maintain endpoint protection and security policies. We support vulnerability management activities, including remediation planning and risk tracking. We maintain and enhance security monitoring rules, alerts, and dashboards. We contribute to the development and maintenance of security runbooks and incident response playbooks. We support security audits, compliance activities, and risk assessments. We actively contribute to improving our overall cyber security maturity. We work closely with IT, infrastructure, and service desk teams to resolve security-related issues. We produce clear, structured technical and non-technical incident reports. We identify trends in phishing or risky user behaviour and support security awareness initiatives. We assist with security-related projects and new technology deployments.

Technologies: Cloud, Support, Security, Windows, Office 365

More: We are Foresters Financial, a purpose-driven organisation that helps everyday families achieve their financial goals and make a lasting difference in their lives and communities. We are seeking two Cyber Security Engineers to join our Bromley, Kent head office in a permanent, full-time role, where they will play a key hands-on part in protecting our organisation from cyber threats. This is a genuinely operational security position with exposure to a broad security tooling landscape, real-world incidents, and ongoing opportunities to develop technical skills and grow within cyber security. We offer a supportive, collaborative working environment, a salary of up to £60,000 per annum, a discretionary annual bonus, 25 days holiday plus bank holidays, life assurance, a generous contributory pension scheme, one paid charitable workday, and an Employee Assistance Programme. Working hours are 40 per week, Monday to Friday, with flexible start times and the option to work from home one day a week after a successful training period.

Last updated: week 21 of 2026