Senior Cyber Security Expert

We are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. In this role, you will play a key part in the design, deployment, and ongoing management of security technologies across our organisation.

The successful candidate will bring proven expertise in the design, implementation, and support of cyber security solutions, as well as excellent communication and relationship-building skills to work effectively across business and technical teams.

• SIEM & Threat Detection: Manage and deploy Elasticsearch SIEM components, including Elastic Agent and security integrations. Create and tune security detections, alerts, and dashboards within Kibana. Integrate and manage new security log sources.
• Architecture and Design: Actively participate in the selection, design and configuration of new security tools. Act as a key technical resource for security improvements across the organisation.
• Endpoint Detection and Response: Manage, deploy and monitor CrowdStrike Falcon EDR, ensuring optimal security posture across endpoints. Configure and fine-tune CrowdStrike policies to enhance detection and prevention capabilities. Leverage CrowdStrike APIs to automate detection, response, and forensic investigations.
• Microsoft 365, EntraID and Active Directory Security: Manage and secure Microsoft 365, EntraID security features, including Defender for Office 365 and Conditional Access Policies. Ensure Active Directory security is maintained and benchmarked against best practice initiatives. Monitor security compliance within Microsoft cloud environments.
• AWS & Cloud Security Management: Monitor AWS security services such as GuardDuty, Security Hub, and CloudTrail for suspicious activity. Develop AWS security automation for monitoring, alerting, and response.
• Security Compliance & Continuous Improvement: Support security risk assessments and contribute to vulnerability management efforts. Assist in audit and compliance activities, ensuring adherence to security policies and regulatory requirements. Maintain and update security documentation, incident playbooks, and response procedures.
• Automation & Security Engineering: Leverage PowerShell, Python and Power Automate to streamline security response workflows. Automate security event triage and remediation using SOAR methodologies.
• Technical Guidance and Support: Provide technical guidance, and day-to-day support to Cyber Engineers and Cyber Analysts, where required, to enhance their capabilities in security operations, incident response and vulnerability management. Act as a trusted escalation point for complex technical issues, providing expert input and encouraging critical thinking and solution-oriented approaches among the team.

To be successful in this role, you will require:

• 5+ years in a similar Engineering role and proven experience across cyber security roles.
• Proficiency in managing Elasticsearch and Elastic Stack components is required for this role (Elastic Agent, SIEM integrations, Kibana).
• Experience in researching and implementing proactive defensive initiatives in direct response to new or targeted attack techniques seen across the treat landscape.
• Proven experience designing, managing and supporting security uplift projects from inception to completion involving coordination across multiple departments.
• Expertise in securing and managing CrowdStrike Falcon EDR, Active Directory, M365, EntraID, Exchange Online and AWS security services.
• Knowledge of security frameworks such as NIST, ASD Essential 8, and MITRE ATT&CK.
• Ability to work independently and contribute to security automation projects.

Please note that further desirable requirements include certification in Elasticsearch and SANS GCFA or similar security certification.

Become a part of our innovative team and take advantage of our range of benefits, including flexible work arrangements, employee assistance programme, and discounted gym membership nationally with Fitness Pass.

We celebrate and welcome difference at our organisation and encourage everyone to bring their whole self to work. We offer a unique opportunity to work on cutting-edge security solutions and collaborate with a talented team.