Job Description
Cyber Security Engineer – UK National (SC Cleared)
Location: Hybrid – Feltham or Huntingdon (60–70% remote following onboarding)
Type: Permanent | Competitive Salary | Travel Expenses Covered
Sanderson G&D are partnering with a scaling Cyber Security consultancy offering great flexibility and fantastic progression opportunities. You'll be working directly with clients across the public and commercial sectors collaborating with stakeholders and engineers across the business. The organisation is seeking an experienced Cyber Security Engineer with security clearance to support critical national security functions, including vulnerability management, endpoint protection, and incident response, within a highly secure environment.
Role Overview:
This is a hands-on engineering role requiring the delivery of endpoint security engineering activities aligned to NIST controls and the reduction of security vulnerabilities across infrastructure and products. You will be working as part of a dedicated security function within a government-aligned environment.
Location Details:
Initial onboarding will be carried out on-site in Feltham (5 days per week for 4–6 weeks). Following this period, the position transitions to a hybrid model with 60–70% remote working, based from either Feltham or Huntingdon. All travel costs will be reimbursed.
Security Clearance:
Active SC clearance is required. Candidates must be single UK nationals and, due to the nature of the initial project, cannot be dual national.
What we're looking for:
* Strong understanding of modern endpoint security and hardening practices
* Familiarity with NIST security controls and vulnerability management processes
* Practical experience with tools such as Ivanti, Trellix, SonarQube, Nessus, or Trivvy
* Comfortable working within Agile or Scrum environments
* Excellent written and verbal communication skills, with strong documentation capabilities
Who this role will suit:
* Experienced engineers seeking to contribute to impactful and meaningful projects.
* Individuals with a strong interest in enhancing security capabilities across the UK public sector.
* Professionals who value collaboration and are comfortable working closely with a range of stakeholders.
* Those with a growth mindset, intellectual curiosity, and a personable, team-oriented approach.
Key Responsibilities:
Vulnerability Scanning & Reporting
* Conduct regular scans using tools such as SonarQube, Trivvy, and Nessus
* Generate and analyse vulnerability reports; support the Vulnerability & Patch Manager
Endpoint Security
* Maintain and manage endpoint protection tools including Trellix and Ivanti
* Perform firewall rule audits, manage access controls, and update security policies
Incident Response
* Support the resolution of security incidents and service tickets
* Conduct triage and root cause analysis; assist in restoring normal service
System Hardening & Compliance
* Ensure systems comply with CIS, STIG, and NIST frameworks
* Maintain and update group policy objects and apply security patches
Change Management
* Conduct security triage on planned infrastructure changes
* Participate in planning and review meetings to ensure compliance
Documentation & Stakeholder Engagement
* Maintain accurate documentation including HLDs, LLDs, SOPs, and compliance records
* Engage in daily stand-ups, workshops, and technical sessions as required
This role offers the opportunity to contribute to vital national security programmes within a technically progressive and collaborative team. Candidates seeking a long-term position within a secure and mission-focused environment are encouraged to apply.
To express your interest or for a confidential discussion, please submit your CV.