Security Engineer

We are seeking a highly skilled Security Engineer to design, build and optimise our security platform and controls across on prem and cloud. Partnering with SOC/incident response, IT/DevOps and business teams, you will strengthen SIEM analytics, EDR policy and response, identity and access (IAM) controls, and security logging/retention to accelerate detection, containment and risk based decision making. (This role includes core traditional security engineer responsibilities.)

Key Responsibilities Endpoint & Detection Operations

• Operate and fine-tune EDR, ensuring high visibility and timely response to detections.
• Investigate alerts, triage incidents, and coordinate remediation with IT and engineering teams.
• Develop and maintain detection rules, response playbooks, and operational dashboards.

Vulnerability & Exposure Management

• Run regular vulnerability scans across endpoints, servers, and cloud workloads.
• Prioritise findings based on exploitability and asset criticality.
• Work with system owners to track remediation progress and verify fixes.

Cloud Security (AWS Focus)

• Review and improve AWS configurations using AWS tools or CNAPP / CSPM monitoring tools (e.g., Wiz, Orca)
• Support secure architecture and IaC practices (Terraform, CloudFormation) with dev teams.
• Automate checks and alerting for misconfigurations and policy violations.

Secure Development & DevSecOps (Nice to Have)

• Support developers on secure coding practices and pipeline integration (e.g., Snyk).
• Review secrets management, API credential handling, and CI/CD pipeline security.

Identity & Access Control

• Implement and maintain least privilege and MFA policies across systems.
• Assist with SSO/SCIM integrations (e.g., Entra ID, 1Password, Cloudflare Zero Trust).

Collaboration & Continuous Improvement

• Work alongside IT Operations and Cloud teams to deploy, harden, and monitor security tools.
• Participate in incident response exercises, phishing simulations, and post-incident reviews.
• Contribute to process documentation and internal knowledge base (e.g., runbooks, playbooks).

• 4-6 years of hands on security experience, ideally in endpoint protection, cloud security, or vulnerability management.
• Strong working knowledge of AWS security services, IAM, and network fundamentals.
• Practical experience with EDR tools (CrowdStrike, Defender, etc.) and vulnerability scanners (Qualys, Tenable, etc.).
• Solid understanding of incident response, detection engineering, and access control principles.
• Exposure to security frameworks (ISO 27001, SOC 2, NIST) is a plus, but not mandatory.
• Clear communicator who can explain security findings to both technical and non-technical teams.

• Hybrid working arrangement - 2 Days of remote work per week
• Opportunities for enriching career growth, including exposure to regional contexts
• Complimentary snacks and beverages available in the office pantry
• Healthcare coverage (medical, dental, optical), gym benefits
• Flexibility in smart casual dress code
• Young, vibrant and open work culture