Hackajob*
is collaborating with
UK Biobank
to connect them with exceptional tech professionals for this role.*
Job Description**
JOB TITLE: IT Systems Security Engineer (Level 3)
DEPARTMENT: Data and Technology
REPORTS TO: Head of Information Security
DIRECT REPORTS: None
LOCATION: UK Biobank's facilities in Greater Manchester (Initially based in Stockport
with a move to Manchester Science Park date in 2026/27).
Purpose Of The Role
Reporting to the Head of Information Security, this is a specialist role within the Data & Technology
Team.
Working closely with internal and external stakeholders, the role holder will use their knowledge and
experience to identify information security risks and implement practical measures to protect the
organisation's data, services, and physical assets.
The role holder will also be involved in the Data & Technology transformation programme, supporting
the introduction of new technologies and services that deliver proactive threat prevention whilst
ensuring staff and other authorised users are able to access services easily, securely, and without
unnecessary barriers.
Principal Duties And Responsibilities
* Provide expert advice and assistance to enhance the security of UK Biobank data, services,
and physical assets
* Work with the Head of Information Security to develop a long-term strategy to address
vulnerabilities and protect sensitive data from loss, compromise, and misuse
* Work with the IT Manager to protect information assets in accordance with data
classification
* Assist with the re-design of the organisation's security architecture
* Monitor the vulnerability exposure of all end point operating systems, applications, and
services
* Oversee the deployment of security patches, firmware, drivers, and general updates
* Undertake information security risk assessments, including for end point devices that are in
exception and cannot be updated due to concerns regarding business continuity
* Ensure that risks are recorded accurately and that risk owners are aware of their exposure
* Where appropriate, manage identified risks to mitigation
* Work across Data & Technology to implement controls necessary to maintain a robust
security posture
* Work with Infrastructure and Network specialists to employ technologies such as network
segmentation, software defined networking, and Security Service Edge (SSE) solutions
* Contribute to the continuous development of security processes, and overall IT capability in
the management of security
* Ensure security and technology controls are documented and are operating in compliance
with both internal and external requirements
* Review and manage SIEM alerts from our managed SOC, escalating incidents when needed.
* Produce regular reports on various information security metrics
* Respond to, investigate, and aid in the resolution of information and cyber security incidents
* Participate in the development and testing of the security incident response plan
* Engage with partners, suppliers, and other third parties to evaluate risk, examine contracts,
and identify data privacy issues
* Assist with the completion of regulatory audits
* Follow defined IT service management practices to ensure agreed service levels are
maintained
* Analyse proposed changes from an IT security standpoint to ensure risks are not introduced
* Assist with the evaluation and testing of new technologies and services
* Perform all duties in accordance with UK Biobank standards and regulations
* Support IT projects as directed by the Head of Information Security or IT Manager
Secondary Duties And Responsibilities
* Participate in general security management activities, including the installation of patches
and updates, and the maintenance of antivirus/EDR software
PERSON SPECIFICATION
Essential Experience And Knowledge
* At least 5 years operational experience working in a security analyst, engineer, or similar role
within a complex, multi-site organisation
* CompTIA Security+, SSCP, or equivalent qualification
* Knowledge of the security models, standards, practices, benchmarks, and controls
advocated by bodies such as ISO, NIST, CIS, OWASP, CAF and NCSC
* Experience of risk management and third-party assurance
* Experience of technical and information security compliance reviews and audits, with a good
grounding in well-known standards and frameworks such as ISO27001/2, ISO27018, PCIDSS, and NIST
* A clear understanding of challenges associated with data privacy and associated regulatory
compliance, particularly the DPA, GDPR, and HIPPA
* Strong knowledge and understanding of the cyber threat landscape
* Knowledge and experience of the approaches and technologies used to secure operating
systems (Windows, Mac, and Linux), databases, networks, cloud platforms, applications, and
software code
* Experience working with vulnerability scanning and threat detections tools, including those
used on cloud platforms (experience working with Microsoft Azure would be advantageous)
* Experience working with security technologies such as antivirus/EDR software (ideally
CrowdStrike), device encryption, and SIEM solutions (ideally MS Sentinel)
* Knowledge of networking and Zero Trust Network Architectures
* Experience or knowledge of delivering information security risk assessments
* Experience of continuity planning, incident management, and incident response
* Experience of writing security or design documentation, including policies, standards,
benchmarks, or secure designs
* Excellent verbal communication skills with the ability to engage effectively with technical
and non-technical stakeholders at all levels
* Excellent written communication skills with the ability to produce clear and concise
documentation
* Strong people skills and ability to work well within a team
* An ability to quickly determine the nature of new threats and deliver appropriate responses
* Attentive to detail with excellent problem-solving and information gathering skills
Desirable Experience And Knowledge
* CISM, CISSP, or CCSP qualification
* Experience of firewall administration, ideally Fortinet
* Experience of working with identity management, data classification, and access control
systems
* Knowledge of cryptography and secure communication protocols