Senior Information Security Engineer

- Lead day-to-day security operations and act as the primary contact for the third-party SOC. - Analyse and interpret logs, alerts, and threat data to identify potential security incidents. - Ensure security tooling is correctly configured, operational, and fully utilized. - Support or lead security incident investigations, including root cause analysis and remediation. - Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated. - Oversee third-party penetration tests, manage remediation plans, and maintain strong vendor relationships. - Work with Microsoft security technologies such as Microsoft Defender, M365, Entra ID, and Azure security tools. - Oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges. - Apply technical expertise to support improvements to security configuration, identity management, and endpoint security. - Support internal teams when changes to systems may impact SOC monitoring or defensive controls. - Contribute to security policy development and help ensure alignment with standards such as ISO 27001, Cyber Essentials, NIST, and UK GDPR. - Assist with internal/external audits and maintain documentation to demonstrate compliance. - Support awareness initiatives, phishing simulations, and internal training. - Stay ahead of new threats and emerging technologies, recommending ongoing improvements. - Mentor junior members of the security team and promote best practice security behaviours.