Company Description:
At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents.
We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape.
As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity.
In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities.
Role Purpose:
The Cyber SecOp Engineer role is responsible for executing and supporting cybersecurity maturity improvement initiatives while maintaining operational security capabilities. This role combines hands-on implementation of security frameworks and process improvements with day-to-day security operations management. The role requires someone who can work independently on security projects, lead specific workstreams within larger maturity initiatives, and provide technical expertise to support organisational security enhancement efforts. This position bridges tactical security operations with strategic security improvement, making it ideal for cybersecurity professionals ready to take on greater responsibility in driving security maturity forward.
What I Do Is:
Security Maturity Implementation & Assessment
* Execute specific components of cybersecurity maturity assessment projects using established frameworks (NIST CSF, ISO 27001, CIS Controls)
* Lead gap analysis efforts for assigned security domains and develop detailed remediation plans
* Implement security controls and process improvements based on maturity roadmaps and senior guidance
* Conduct benchmarking research and analysis to compare organisational security posture against industry standards
* Maintain and update security metrics dashboards and reporting mechanisms to track maturity progression
Security Framework & Process Development
* Implement security policies, procedures, and standards following organisational templates and requirements
* Lead the development of security playbooks, runbooks, and standard operating procedures for specific domains
* Coordinate security compliance activities including evidence collection, control testing, and audit support
* Design and deliver security awareness training sessions and educational materials
* Manage security documentation repositories and ensure accuracy and currency of security guidance
Security Operations & Monitoring
* Independently manage security monitoring activities including SIEM analysis, alert triage, and incident escalation
* Perform advanced threat hunting and security analysis to identify potential security incidents
* Lead incident response activities for moderate complexity security events
* Optimise security tool configurations, rules, and automated workflows to improve detection capabilities
* Coordinate vulnerability management activities including scanning, analysis, and remediation tracking
Process Improvement & Automation
* Identify security process inefficiencies and develop improvement recommendations with implementation plans
* Implement automation solutions for routine security tasks using SOAR platforms and scripting
* Lead security tool integration projects to improve operational efficiency and data correlation
* Conduct security process assessments and develop standardised workflows for security operations
* Support security technology evaluations and proof-of-concept implementations
Incident Response & Investigation
* Lead initial triage and investigation of security incidents, determining scope, impact, and appropriate response measures
* Coordinate incident response activities with internal teams, management, and external stakeholders
* Document incidents thoroughly, including timeline, attack vectors, affected systems, and remediation actions taken
* Implement containment, eradication, and recovery procedures following established incident response protocols
Security Operations & Maintenance
* Tune and optimise security tools and systems to reduce false positives and improve detection capabilities
* Develop and maintain security monitoring rules, signatures, and threat intelligence feeds
* Perform vulnerability assessments and coordinate remediation efforts with IT teams
* Maintain security documentation, playbooks, and standard operating procedures
* Participate in security tool evaluation, deployment, and configuration
Project Management & Stakeholder Coordination
* Lead moderate-scale security improvement projects from planning through implementation
* Coordinate with cross-functional teams including IT, compliance, and business stakeholders
* Manage vendor relationships and coordinate security technology implementations
* Provide regular project updates and status reporting to senior management
* Facilitate security working groups and cross-departmental security initiatives
The Skills I Need Are:
Technical Experience (3-5 years required)
* Solid hands-on experience with cybersecurity tools including SIEM platforms, vulnerability scanners, and security monitoring systems
* Demonstrated experience implementing security controls and processes in enterprise environments
* Proficiency in security framework implementation (NIST CSF, ISO 27001, or CIS Controls)
* Experience with incident response, threat hunting, and security analysis activities
* Knowledge of security automation tools and scripting languages (Python, PowerShell, or similar)
* Understanding of network security technologies, cloud security concepts, and endpoint protection systems
Cybersecurity Expertise
* Strong working knowledge of cybersecurity frameworks and their practical application
* Experience with security assessment methodologies and gap analysis processes
* Understanding of risk management principles and security control implementation
* Knowledge of compliance requirements (SOX, PCI DSS, GDPR, or similar) and audit processes
* Familiarity with security metrics development and reporting
* Understanding of threat intelligence and cyber threat landscape
Professional Skills & Attributes
* Strong analytical and problem-solving abilities with proven track record of independent work
* Excellent communication skills for technical documentation, stakeholder updates, and training delivery
* Project management experience with ability to manage timelines, resources, and deliverables
* Collaborative leadership style with ability to influence and coordinate cross-functional teams
* Strong organisational skills and ability to prioritise multiple projects and competing demands
* Continuous learning mindset with commitment to staying current with cybersecurity developments
Preferred Qualifications
* Bachelor's degree in Computer Science, Information Security, Information Technology, or related field
* Professional cybersecurity certifications such as Security+, CySA+, GSEC, or GCIH
* Experience with security tool implementation, configuration, and optimisation
* Knowledge of enterprise architecture and IT service management practices
* Experience with security awareness program development and delivery
* Understanding of DevSecOps principles and secure software development practices
* Familiarity with cloud platforms (AWS, Asure, GCP) and their security services
I Know I Have Done A Great Job If:
* Complete comprehensive review of current security maturity initiatives and identify areas for immediate contribution
* Establish effective working relationships with key stakeholders and understand organisational security priorities
* Successfully lead implementation of assigned security maturity improvement initiatives with measurable outcomes
* Independently manage security incident response activities and demonstrate advanced analytical capabilities
* Drive measurable advancement in organisational security maturity through successful project leadership
* Become recognised internal expert in specific security areas with ability to mentor junior team members
Other Information:
You will get an excellent salary, with world class benefits.
As leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.
Our Commitment to Equality and Diversity:
"Our diversity is a huge part of our success, and collecting data during the hiring process helps us understand how to keep strengthening and supporting that diversity."
We are an equal opportunity employer. We are committed to fostering an inclusive, accessible, and equitable workplace where all qualified applicants receive fair consideration. We do not discriminate on the basis of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, disability, or any other characteristic protected under applicable federal, provincial, or territorial human rights legislation.
The information requested below is collected to help us meet our employment equity and reporting obligations, and to support our ongoing diversity and inclusion initiatives. Providing this information is entirely voluntary. It will not be shared with hiring managers and will not be used in any hiring decision. Declining to provide this information will not affect your application in any way.