312 Cybersecurity Engineer jobs in London

Cybersecurity Engineer

Location: 3 days per wk from home / 2 days in London

Salary: Circa 65K – 75K + Benefits

Cybersecurity Engineer  required by fast-growing, revolutionary tech company!

This is a challenging, hands-on role leading the security of their applications, APIs, infrastructure, and data. You’ll identify vulnerabilities, define best practices, and implement controls without slowing delivery

Essential:

• At least 3yrs in cybersecurity, application security, or cloud security roles
li>Strong knowledge of web/mobile security (OWASP Top 10, API security), cloud security (AWS), and CI/CD pipeline hardening
• Familiar with SAST/DAST tools, vulnerability scanners, penetration testing frameworks, and monitoring platforms (e.g. Splunk, ELK, Datadog)
• Understanding of GDPR and data privacy best practices

Tremendous opportunity offering plenty of scope for career progression in a friendly, innovative environment where you'll be able to bring ideas and keep up to date with emerging technologies! 

Apply now for FULL details!

• Monitor security alerts and events from various sources, including SIEM, IDS/IPS, and endpoint protection platforms.
• Investigate and respond to security incidents in a timely and effective manner, including root cause analysis and remediation.
• Conduct regular vulnerability assessments and penetration tests to identify security weaknesses.
• Develop and maintain security documentation, including policies, standards, and guidelines.
• Collaborate with IT and development teams to integrate security best practices into the software development lifecycle.
• Stay abreast of the latest security threats, trends, and technologies.
• Provide security awareness training to employees.
• Contribute to the continuous improvement of the information security program.
• Participate in security audits and compliance reviews.
• Evaluate and recommend new security technologies and solutions.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).
• Proven experience (5+ years) in information security, with a focus on threat detection and incident response.
• Strong understanding of security frameworks such as ISO 27001, NIST, and GDPR.
• Experience with SIEM tools (e.g., Splunk, QRadar), EDR solutions, and network security technologies.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical stakeholders.
• Relevant security certifications such as CISSP, CISM, or GIAC are highly desirable.

• Conduct comprehensive security risk assessments and vulnerability analyses.
• Develop and implement security policies, standards, and procedures.
• Manage and monitor security information and event management (SIEM) systems.
• Respond to and investigate security incidents, providing detailed post-incident reports.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Oversee the implementation of security awareness training programs for employees.
• Stay abreast of the latest security threats, trends, and technologies.
• Manage third-party security risks and ensure vendor compliance.
• Contribute to the development and execution of disaster recovery and business continuity plans.
• Mentor junior security analysts and provide technical guidance.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree is a plus.
• Minimum of 5 years of experience in information security, with a proven track record in risk management and incident response.
• In-depth knowledge of security frameworks (e.g., NIST, ISO 27001).
• Proficiency in SIEM tools, intrusion detection/prevention systems, and firewalls.
• Strong understanding of network security, cryptography, and cloud security.
• Excellent analytical and problem-solving skills.
• Ability to communicate complex security concepts to both technical and non-technical audiences.
• Relevant security certifications such as CISSP, CISM, or CEH are highly desirable.

• Develop, implement, and maintain security policies, standards, and procedures for cloud environments.
• Monitor cloud infrastructure for security vulnerabilities, threats, and incidents using SIEM, IDS/IPS, and other security tools.
• Conduct regular security assessments, penetration testing, and vulnerability scans of cloud applications and infrastructure.
• Respond to and manage security incidents, including investigation, containment, eradication, and recovery.
• Implement and manage identity and access management (IAM) solutions in cloud environments.
• Ensure compliance with relevant security regulations and standards (e.g., ISO 27001, SOC 2, GDPR).
• Collaborate with development and operations teams to embed security into the DevOps lifecycle (DevSecOps).
• Stay informed about the latest cloud security threats, vulnerabilities, and best practices.
• Develop and deliver security awareness training to employees.
• Automate security tasks and processes where possible to improve efficiency.
• Lead security architecture reviews for new cloud deployments and services.
• Contribute to the development of disaster recovery and business continuity plans.

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 5+ years of experience in information security, with a significant focus on cloud security (AWS, Azure, or GCP).
• In-depth knowledge of cloud security principles, best practices, and common vulnerabilities.
• Hands-on experience with security tools such as SIEM, vulnerability scanners, firewalls, and IDS/IPS.
• Proficiency in scripting languages (e.g., Python, Bash) for automation is highly desirable.
• Strong understanding of network security, cryptography, and authentication protocols.
• Experience with incident response and forensics.
• Relevant security certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty) are a plus.
• Excellent analytical and problem-solving skills.
• Strong communication skills, capable of explaining complex security concepts to both technical and non-technical audiences in a remote setting.

• Monitor security alerts and logs from various security tools (SIEM, IDS/IPS, EDR) to identify and investigate potential security incidents.
• Lead and coordinate incident response activities, including containment, eradication, and recovery.
• Perform in-depth forensic analysis of security breaches and develop remediation strategies.
• Develop, implement, and maintain security policies, procedures, and best practices.
• Conduct regular vulnerability assessments and penetration testing.
• Manage and configure security tools and technologies.
• Provide expert guidance on security best practices to IT teams and stakeholders.
• Develop and deliver security awareness training programs.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Participate in security architecture reviews and provide recommendations.
• Assist in the development and execution of disaster recovery and business continuity plans.
• Create detailed reports on security incidents, findings, and recommendations.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Minimum of 6 years of experience in information security, with a focus on threat analysis and incident response.
• Strong understanding of networking protocols, operating systems (Windows, Linux), and common attack vectors.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar), EDR solutions, and other security tools.
• Proficiency in security forensics and malware analysis techniques.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences.
• Ability to work independently and manage complex investigations under pressure in a remote setting.
• Experience with cloud security (AWS, Azure, GCP) is a plus.

Job purpose:

The security analyst will join a small security team for one of our clients in Central London. you will be a subject matter expert on all aspects of security to include mail security, web security, infrastructure security and end user device security.

The security analyst plays a key role in driving and improving and technology security at the organisation, providing expert advice and reliable guidance to a broad range of colleagues and stakeholders to achieve this.

Key Accountabilities:

• Proactively assess device and application logs for security vulnerabilities, as well as investigate causes and ultimately resolve or mitigate those vulnerabilities

• Lead and investigate security breaches and cyber incidents, providing timely resolution to agreed service level agreements/expectations

• Install Security updates/measures in line with best practices to ensure that the client is protected against the latest cyber security threats

• Work with third parties and internal teams to schedule proactive penetration tests, ensuring that vulnerabilities are resolved or mitigated

• Support the delivery of security training to all end users

• Regular monitoring of potential security risks externally and internally, provide clear expert advice and reliable guidance

• Manage regular security assessments of various key services

• Regularly assess key third party suppliers to ensure their security compliance

• Work with operational and delivery teams to ensure security design principles have been evaluated and adopted

• Provide clear expert advice and reliable guidance to end users on all things relating to cybersecurity

• Effectively collaborate with internal teams in relation to cybersecurity audits, including the resolution of outstanding actions

• Manage the creation and regular updating of Security policies

• A proactive approach to supporting a welcoming and respectful working environment for all colleagues at the organisation.

Knowledge, skills and experience

Essential:

• Relevant experience working as an effective Security Analyst

• Strong understanding of mail filtering technologies

• Strong understanding of Cloud infrastructure technologies, including encryption

• Demonstrable experience of working with Microsoft Sentinel, Defender and Purview

• Excellent understanding of security frameworks (NIST and Cyber Essentials)

• Ability to lead and manage third party providers

• Strong understanding of incident response processes and methodologies including leading and managing incidents

• Lead on root cause analysis, providing relevant documentation including recommendations

• indemonstrable experience of implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats

• Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools.

• Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation

• Experience in testing and reviewing new security solutions

• A strong commitment to supporting of diversity, inclusion, respect and dignity in the workplace