Cybersecurity Engineer

Overview

Senior Cybersecurity Engineer

About The Role

Threat Detection & Monitoring

• Design, build, and optimise detection use cases within SIEM and SOAR platforms.
• Translate threat intelligence into actionable detection logic.
• Analyse security events to identify gaps in visibility or detection capability .
• Work with analysts to improve alert quality and reduce false positives.

Incident Response & Vulnerability Management

• Act as an escalation point for complex security incidents.
• Perform deep technical investigations into suspicious activity, malware, and breaches.
• Support incident response efforts and drive improvements based on lessons learned.
• Contribute to the automation of detection and response workflows.

Cloud & Infrastructure Security

• Configure and monitor security controls across cloud environments (Azure, AWS, GCP).
• Validate that security baselines and configurations align with best practices .
• Support secure design for new projects and infrastructure changes .

Collaboration & Mentorship

• Work closely with IT, cloud, and DevOps teams to embed security into day-to-day operations.
• Contribute to architectural reviews and threat modelling exercises.
• Mentor engineers and SOC analysts, supporting team development and capability building.
• Promote security best practices across the organisation.

Documentation And Continuous Improvement

• Develop and maintain documentation, playbooks, and engineering runbooks.
• Recommend and implement improvements to tools, processes, and detection capabilities.
• Help drive increased automation, efficiency, and maturity across security operations.

Essential

• 5+ years’ experience in cybersecurity engineering or security operations.
• Strong hands-on experience with SIEM, SOAR, and EDR platforms (e.g., Microsoft Sentinel, Palo Alto XSIAM, CrowdStrike, Splunk, Defender, or similar).
• Understanding of cybersecurity frameworks and standards (e.g., NIST SP 800-37r2, NIST SP 800-61r).
• Solid understanding of attacker techniques and frameworks such as MITRE ATT&CK.
• Experience designing and implementing technical security controls.
• Practical experience in incident response and vulnerability management.
• Ability to analyse complex problems and work independently.

Desirable

• Certifications such as CISSP, CCSP, SC-200, AZ-500, or relevant GIAC certifications.
• Experience with scripting or automation (PowerShell, Python, Bash).
• Exposure to DevSecOps practices and cloud-native security.
• Experience with detection engineering (e.g., Sigma, detection-as-code).
• Experience mentoring or supporting junior team members.

Why Join Us?

• Work in a high-impact, technically challenging role.
• Help shape and evolve modern cybersecurity capabilities.
• Collaborate with a forward-thinking, cross-functional team.
• Opportunities for growth, learning, and career progression.
• If you’re passionate about cybersecurity engineering and want to play a key role in strengthening and evolving security in a complex environment, we’d love to hear from you.