Salary: £65,000 - 70,000 per year Requirements: Previous hands-on experience in SecOps or Incident Response. Recognised Security certifications such as Security, CEH, or Microsoft security certifications. Strong knowledge of Microsoft Windows OS security and hardening. Working PowerShell scripting ability for automation tasks. Solid understanding of cloud-native security across M365, Azure, and AWS. Experience with enterprise IT infrastructure. Any experience with the following will be highly favoured: Strong experience with Qualys. Exposure to Varonis. Network security knowledge or relevant certifications (TCP/IP, VPNs, routing, segmentation). Experience working with ServiceNow. Responsibilities: Monitor security tools, including SIEM (QRadar), and respond to threat detection alerts. Triage, analyze, and prioritise security issues via ServiceNow. Investigate root causes of security issues and design effective remediation solutions. Oversee Patch Management. Conduct vulnerability scans with Qualys, analyze results, and prioritise remediation. Document SecOps processes and create knowledge base articles in line with best practices. Automate security tasks and toolchains using scripting (PowerShell, Batch, etc.). Collaborate with external SOC teams. Prepare post-incident reports and root cause analyses. Manage end-user device (EUD) security via MS Intune, Sophos, and NinjaOne. Schedule and assess vulnerability scans on critical infrastructure. Maintain patching compliance for OS, Microsoft Office, and third-party applications. Support infrastructure teams to deploy systems, enhance security policies, and manage security-driven changes. Produce weekly security operations reports. Manage Cisco Umbrella web filtering and SSL inspection policies. Technologies: AWS Azure Cloud Cisco Support Network PowerShell Security ServiceNow TCP/IP Web Windows DevOps More: We are a well-established and highly profitable construction engineering business seeking an experienced SecOps Engineer to join our team on a permanent basis. This is a critical leadership role within our organization, which is undergoing significant digital transformation. Our ambitious growth and acquisition plans drive the need for scalable, standardized, and efficient business applications. This role is ideal for a proactive security professional with strong technical expertise across application, network, and infrastructure security. You will play a key part in implementing security controls, mitigating risk, and contributing to the continuous improvement of our overall security posture. Please note that this role initially requires four days per week onsite, transitioning to three days once probation is completed. Working hours are from 08:00 to 17:00. last updated 14 week of 2026