Junior Security Engineer - Operations
Job Description
Location: Knutsford, UK
Department: Security
Reports to: CISO
Strictly no agencies
Must have full right to work
Office based/Hybrid
Position Overview
The Junior Security Engineer - Ops is an operational role responsible for supporting the day-to-day security activities of Custodia. The role focuses on monitoring security controls, responding to alerts and incidents, and assisting with the implementation and maintenance of technical security measures that protect company systems, data, and services. Working closely with senior security leadership, IT, engineering teams, and the SOC, the Junior Security Engineer - Ops helps ensure security controls operate effectively, supports compliance requirements through evidence and remediation activities, and contributes to the continuous improvement of the organisation's security posture. The role also plays an important part in reinforcing security best practices and developing hands‑on security capability within the business.
Key Responsibilities
1. Security Operations Support & Reporting
o Support the execution of the organisation's security strategy by operating and monitoring technical security controls.
o Assist with identifying, investigating, and escalating security alerts, incidents, and potential threats across cloud and on‑prem environments.
o Implement and maintain security configurations in line with approved policies, standards, and technical baselines.
o Collect, validate, and maintain operational security metrics (e.g. alert volumes, response times, control health) to support security reporting.
o Contribute to regular operational security updates and incident summaries for senior security leadership.
o Work closely with IT, engineering teams, and the SOC to ensure security detections, logging, and response processes are functioning effectively.
o Support continuous improvement of monitoring and detection capabilities through alert tuning, use‑case validation, and feedback into the SOC.
2. Security Operations (BAU)
o Perform day-to-day (BAU) security operations, including:
+ Monitoring security alerts and incidents (via SOC and Sentinel)
+ Supporting access reviews and entitlement checks
+ Assisting with patching validation and remediation tracking
+ Maintaining security logs and evidence
o Support the implementation and operation of security controls such as endpoint protection, identity controls, logging, and monitoring solutions.
o Assist with incident response activities by:
+ Investigating alerts
+ Collecting evidence
+ Escalating incidents in line with defined runbooks and procedures
o Support the ongoing improvement of centralised monitoring and detection capabilities, including alert tuning and use‑case validation.
o Assist with Privileged Access Management (PAM) and Privileged Identity Management (PIM) activities, including monitoring and exception tracking.
o Maintain awareness of emerging threats and vulnerabilities and raise findings with senior security team members.
o Support delivery of security awareness activities and reinforce security best practices across the organisation.
3. Collaboration and Stakeholder Management
o Collaborate with cross‑functional teams, including risk and compliance, IT, legal, human resources, and operations, to ensure security and compliance requirements are met.
o Engage with industry groups to maintain awareness of best practices and emerging trends.
o Provide guidance and recommendations to management and employees on security‑related matters.
o Foster a culture of security awareness and accountability throughout the organisation.
Qualifications & Experience
* Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field (or equivalent practical experience).
* 0-3 years' experience in a security, IT, SOC, or technical operations role.
* Foundational understanding of:
o Cloud security concepts (preferably Microsoft Azure)
o Identity and access management principles
o Logging, monitoring, and alerting
* Exposure to security standards or frameworks such as ISO 27001, NIST, or CIS Controls is desirable but not essential.
* Familiarity with security tooling such as Microsoft Sentinel, Defender, or similar SIEM/EDR platforms is advantageous.
* Willingness to learn incident response processes and security operations best practices.
Certifications
* Microsoft SC-900 – Security, Compliance, and Identity Fundamentals
* Microsoft AZ-900 – Azure Fundamentals
* Microsoft SC-200 – Security Operations Analyst
* Microsoft AZ-500 – Azure Security Engineer Associate
Soft Skills and Leadership
* Leadership, communication, and stakeholder engagement skills across technical and non‑technical teams
* Ability to influence and educate teams on security awareness and compliance best practices
* Comfortable working in high‑trust, regulated environments with executive‑level visibility
* Highly organised, analytical, and proactive in identifying and mitigating risks