About The Role
I'm working with a financial services company where security is taken seriously and not just viewed as a tick box exercise. This is well suited to someone who enjoys analysing security incidents, working across a range of security platforms, and contributing directly to strengthening an organisation's overall cyber resilience.
You'll work closely with teams across the business, contribute to the direction of security initiatives, and promote good security practices that protect core business services.
What You'll Do
* Monitor and analyse security alerts and activity across endpoints, identity platforms, email systems, and cloud environments using security tooling
* Investigate potential security events including phishing attacks, malware activity, account compromise, and attempts at unauthorised access
* Assess incidents through triage and root cause analysis, coordinating containment and remediation actions
* Identify patterns, vulnerabilities, and emerging threats that could pose risk to the organisation
* Fine-tune and improve security tooling to enhance detection capability and minimise false alerts
* Configure, manage, and maintain endpoint security controls and policies
* Assist with vulnerability management efforts, including prioritisation, remediation coordination, and risk reporting
* Develop and refine security monitoring rules, alerting mechanisms, and operational dashboards
* Contribute to the ongoing improvement of the organisation's overall cyber security posture and operational maturity
* Collaborate closely with infrastructure, IT operations, and service desk teams to resolve security-related issues
What You'll Bring
* Professional experience in a cyber security engineering, SOC or operational security role
* Experience with MS Defender for Endpoint and/or Microsoft 365
* Experience working with a SIEM platform for detection and investigation
* Strong knowledge of modern cyber threats, attack techniques, and incident response methodologies
* Ability to review and interpret logs, alerts, and endpoint telemetry to assess impact, scope, and underlying cause
* Solid understanding of Windows-based environments along with foundational networking principles
* Ability to document incidents clearly and accurately
* Experience using a range of security and assessment tools (e.g. Metasploit, Nexpose, Nmap, Nessus, Wireshark, or similar)
* Knowledge of security standards and frameworks, including ISO 27001 and NIST
Certifications are nice to have but not essential: CISSP, CISM, CEH, CompTIA Security+, cloud security certifications (AWS/Azure)
Interested?
Apply now for more information!