Cyber Security Engineer
Check out the role overview below If you are confident you have got the right skills and experience, apply today.
Location: London (Hybrid - 2 days per week in office)
Industry: SaaS
Type: Full-time
About the Role
We are seeking a hands-on Cyber Security Engineer to join a growing Security Operations team within a fast-paced, data-driven organisation.
This is an operationally focused role responsible for the day-to-day monitoring, optimisation, and improvement of core security platforms across cloud, endpoint, and network environments.
You will play a key role in protecting the organisation by triaging alerts, investigating security events, and supporting remediation activities.
Key Responsibilities
Security Tooling Operations
* Monitor, triage, and investigate alerts across core platforms including Wiz, Zscaler, and CrowdStrike
* Validate alerts, assess impact, and ensure appropriate remediation actions are taken
* Perform tuning activities to reduce false positives and improve detection quality
* Maintain visibility and coverage across endpoints, cloud environments, and network traffic
Incident Response & Investigation
* Conduct initial investigation of security incidents, gathering and analysing evidence
* Escalate incidents appropriately based on severity and impact
* Execute containment actions where required (e.g. endpoint isolation, access restrictions)
* Support post-incident reviews and continuous improvement of response processes
Cloud & Platform Security
* Identify misconfigurations, excessive permissions, and exposed assets within cloud environments
* Support vulnerability validation and remediation tracking
* Assist in strengthening cloud security posture through continuous monitoring
Security Operations
* Perform daily alert reviews across SIEM and security tooling
* Contribute to runbooks, playbooks, and operational documentation
* Support threat intelligence analysis and apply findings to detection and response activities
* Work closely with Engineering, DevOps, and IT teams to drive remediation
Essential Requirements
* Minimum 1 year of commercial, hands-on experience with at least one of the following:
o CrowdStrike Falcon
o Zscaler
o Wiz
* Experience working in a Security Operations or SOC environment
* Proven experience in alert triage, incident investigation, and response
* Familiarity with SIEM platforms and security telemetry analysis
* Understanding of cloud security concepts (Azure, AWS, or GCP)
* Ability to assess alert context, prioritise effectively, and follow structured processes
Desirable Skills
* Experience with threat hunting and threat intelligence
* Knowledge of MITRE ATT&CK or Cyber Kill Chain frameworks
* Exposure to SaaS and cloud-native security tooling
* Experience with scripting or query languages (e.g. KQL, SPL, Python)
* Familiarity with DevOps environments and CI/CD pipelines
* Experience with identity security and access controls
What We're Looking For
* A hands-on engineer who is comfortable operating directly within security tools
* Strong attention to detail and disciplined approach to investigations
* Ability to communicate clearly with both technical and non-technical stakeholders
* Proactive xsngvjr mindset with a focus on continuous improvement
* Someone who takes ownership and drives outcomes
Benefits
* Competitive salary and performance-based bonus
* Hybrid working model with flexible office access
* Pension scheme with employer contribution
* 25 days annual leave with option to purchase additional days, plus birthday off
* Private healthcare and employee assistance programme
* Work-from-anywhere policy (up to 2 months per year)
* Enhanced parental leave (maternity, paternity, adoption, shared parental)
* Wellbeing support including mental health resources and gym discounts
* Cycle-to-work and tech purchase schemes
* Electric vehicle salary sacrifice scheme
* Volunteer day and regular company social events
* Dedicated learning and development time with access to training platforms
Important Requirement
Candidates must have at least 1 year of hands-on commercial experience using CrowdStrike, Zscaler, or Wiz. Experience gained solely through labs, certifications, or academic work will not meet this requirement.