IT Security Operations Engineer

I'm looking for an IT Security Operations Engineer to support security monitoring, incident response, vulnerability management, and Microsoft 365 security across a hybrid cloud/on‑prem environment. This is a hands‑on operational role working closely with IT, cloud, and network teams to maintain a secure and compliant environment.

Key Responsibilities

• Monitor and investigate security alerts across SIEM, EDR/XDR, and Microsoft security platforms.
• Respond to incidents, perform root‑cause analysis, and implement remediation.
• Track CVEs and coordinate vulnerability remediation across endpoints, servers, and cloud services.
• Manage and optimise Microsoft 365 security (Defender suite, Conditional Access, MFA, Entra ID).
• Improve Secure Score, compliance dashboards, and overall cloud security posture.
• Support identity and access governance activities.
• Contribute to hardening, patching, and baseline enforcement.
• Support ISO27001, GDPR, and internal compliance initiatives.
• Provide audit evidence and maintain security documentation, SOPs, and runbooks.
• Work within ITIL processes including Incident, Problem, Change, and Request Management.
• Assist network teams in securing firewalls, VPNs, proxies, and reviewing security configurations.

Required Experience

• 5+ years in security operations or cyber engineering.
• Strong hands‑on experience with SIEM, EDR/XDR, vulnerability management, and Microsoft 365 security.
• Solid understanding of network security (firewalls, VPNs, IDS/IPS, DNS, TCP/IP).
• PowerShell or Python scripting experience.
• Knowledge of ITIL processes.
• Degree in IT, Computer Science, or similar (or equivalent experience).

Preferred

• Certifications such as CISSP, CISM, CEH, SC‑200/300/400, AZ‑500, MS‑102, ITIL Foundation.
• Experience in regulated or security-mature environments.
• Exposure to cloud-first and identity-driven security models.