London, England, United Kingdom
Our Future HealthWe’re bringing together up to five million people to develop new ways to prevent, detect and treat diseases.
Our Future Health is looking to recruit two Security Engineers to join our Technology and Data Team. You'll be reporting to our newly appointed Director of Information Security. This role is needed to support the implementation of our new security strategy and the onboarding/smooth running of our MSP SOC. You’ll have key relationships with various people across our Security, Tech Ops and Engineering Teams.
This opportunity would suit someone who is looking to take on more ownership in their role, maximise the value provided by our tools and shape the way we work in this newly formed team within Technology and Data.
At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. We’re looking for people to join us on our journey. If you’re looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we’re keen to speak with you.
What you’ll be doing:
This role will help us mature our security operations through enhancing and automating various security controls. In this role, you will :
- Supervise the MSP SOC to ensure a high-quality service is provided, incidents are correctly investigated and resolved and that the maturity (inc. efficiency) of our security monitoring and incident response is continually improving
- Leverage in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
- Create and tune SIEM use cases (inc. Sentinel Analytic Rules and Anomaly Detection Rules)
- Build and operate SOAR capabilities (using Azure Logic Apps)
- Develop automated custom reports on security operational performance and broader security topics (using Sentinel workbooks)
- Tune and enhance our Data Loss Prevention rules (Microsoft Purview Data Loss Prevention)
- Oversee and support the operation of the various Microsoft Defender tools
- Assist with the setup and ongoing usage of Microsoft Purview Information Protection (MPIP), Microsoft Insider Risk Management, Entra Identity Protection and other data protection and compliance tools
- Mature our use of and support the operation of Entra ID (previously AAD) for IAM, Identity Governance and Privileged Identity Management
- Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
- Provide guidance and a level of oversight for vulnerability management and triage work
- Document security processes and security tool low-level design/configuration
- Contribute to the development of security service delivery and operation documentation
- Assist tech teams with integrating their systems and services with security services and tools
- Support the cloud security and application security engineers and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and threat modelling activities.
What you won’t be doing:
Working in a siloed environment with no freedom to make decisions.
Working in an environment where you can’t see the impact your expertise makes.
We’re an agile team who work in short, product focused development cycles, solving complex technology problems in collaboration with a ground-breaking team of Behavioural Scientists, Epidemiologists, Clinical Operations specialists, and Ethicists. We’ve come from start-ups, tech companies, universities, the NHS and health charities. Together we’re experienced in building and scaling big consumer products, working with different kinds of health data.
We absolutely welcome applicants who don't think they meet all the criteria below or who have a non-traditional security background. However please bear in mind that this is a highly hands-on role and scripting skills are essential.
- Proficient in writing Terraform, KQL and ideally Python and PowerShell
- Significant hands-on experience with Microsoft Sentinel
- Significant hands-on experience with Microsoft’s Defender suite, in particular Defender for Endpoints and Defender for O365
- Experience with Microsoft Entra ID (previously AAD), including the Identity Governance capabilities
- Experience of SOAR tooling and automating security capabilities and operations
- Experience in Threat Modelling
- Exposure to Microsoft Purview tooling, in particular MPIP and Purview Data Loss Prevention
- Exposure to working with/inside an MSP SOC
- Exposure to Agile working
- Knowledge of ISO 27001
- Desire to be part of a small fast-paced team
- Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, SC-200, SC-300, SC-400), CompTIA Security+, GIAC Security Operations Certified (GSOC), Cloud Security Alliance CCSK
- Generous company pension package with employer contributions of up to 12%.
- 30 days annual leave (plus bank holidays.)
- Continuous career development with regular appraisals and learning and development opportunities.
- A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.
Join us - let’s prevent disease together.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Azure Cloud Compliance CompTIA GIAC Governance IAM Incident response ISO 27001 Monitoring PowerShell Python Risk management Scripting Security strategy SIEM SOAR SOC Strategy Terraform Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs