info@locke-mccloud.com

Language
Banner Default Image

Cyber Security Engineer

Back to job search

Cyber Security Engineer

  • Job type:

    Permanent

  • Salary:

    £90,000/yr - £110,000/yr

  • Contact:

    William Bottriell

  • Contact email:

    w.bottriell@locke-mccloud.com

  • Contact phone:

    020 3854 2230

  • Published:

    about 1 month ago

  • Expiry date:

    2024-09-13

Cyber Security Engineer

The Opportunity

We are looking for a highly skilled Senior Cybersecurity Engineer to support our Cyber Security Manager and drive our company's cybersecurity strategy. This role involves close collaboration with various technology teams and business units, ensuring a seamless balance between security and business priorities.

The ideal candidate is pragmatic, enjoys tackling challenges, and is eager to learn. You should be adaptable, level-headed under pressure, and possess a strong problem-solving mindset with a passion for technology and a quick learning curve for new concepts and applications.

In this dynamic, global environment, you'll support staff across multiple locations, responding to evolving market demands and trading priorities. Risk assessment and operational effectiveness are crucial, with a focus on maintaining a pragmatic approach to balancing security with convenience.


Key Responsibilities

In this role, you will:

  • Lead ongoing improvements in cybersecurity tools and configurations, identifying and addressing gaps for enhancement.

  • Manage and respond to alerts from various sources, including tooling reports and emails.

  • Conduct threat hunting by investigating the root causes of security alerts and issues across core technologies.

  • Develop and execute training and phishing campaigns to assess and improve staff cybersecurity awareness.

  • Collaborate with infrastructure teams to drive analysis and mitigation efforts.

  • Lead security assessments of third-party tools, network infrastructure, hosts, and applications, including host enumeration, service identification, and packet captures.

  • Identify security gaps, research and recommend improvements, and review new toolsets for potential company use.

  • Design and lead a comprehensive training program for all staff.

  • Facilitate external security testing and mitigation, including penetration testing.

  • Occasionally work on weekends and monitor alerts/emails outside of regular hours, participate in BCP, and conduct cyber incident simulations.

  • Lead due diligence assessments of third-party services, aiding the business in purchasing decisions and security testing applications.

  • Oversee responses to external audits and Due Diligence Questionnaires (DDQs).

  • Create and maintain documentation for internal departments and business use.

  • Prepare and present monthly summary reports to senior management.

  • Conduct annual reviews and updates of security policies and processes.

  • Translate complex security issues into understandable terms for non-technical staff.

  • Engage with vendors for product assessments, proofs of concept, and cost-effectiveness evaluations.


Qualifications and Experience

To be successful in this role, you should have:

  • 5+ years of experience in a Cybersecurity Engineer or similar role.

  • Relevant cybersecurity certifications such as CEH, CISSP, OSCP, or equivalent.

  • Experience in IT System Administration, particularly with Linux and Windows technologies.

  • Strong knowledge of Enterprise-class infrastructure technologies.

  • In-depth understanding of TCP/IP and firewall technologies.

  • Proficiency in Linux/Windows command line operations, including process review, service state monitoring, network activity analysis, and service restarts.

  • Comprehensive knowledge of server, desktop, storage, network, database, firewalls, SaaS, and virtual machine technologies.

  • Experience with Advanced Threat Protection and Behavioral Analytics Tooling.

  • Awareness of industry-announced security issues, threat actors, and the ability to interpret and respond appropriately based on risk and impact.

  • Experience running exploits/penetration testing to assess internal tools and infrastructure.

  • Familiarity with incident management, vulnerability assessment, and management processes.

  • Understanding of DLP, IPS, endpoint protection, anti-malware, sandboxing, and vulnerability scanners.

  • Knowledge of mail security controls and common attack methods, from phishing to insider threats.

  • Strong foundation in TCP/IP, computer networking, routing, and switching.

  • Experience in financial or critical production environments.

  • Expertise in forensics, including investigation and analysis of breaches or other compromises.

  • Scripting skills in at least one language such as Bash, Python, or PowerShell.


This confidential role offers an exciting opportunity to lead and influence our cybersecurity initiatives. If you have the experience, expertise, and passion to excel in a challenging, fast-paced environment, we invite you to apply.


Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.

Back to job search