Security Engineer

Our Future Health is looking to recruit two Security Engineers to join our Technology and Data Team. You'll be reporting to our newly appointed Director of Information Security. This role is needed to support the implementation of our new security strategy and the onboarding/smooth running of our MSP SOC. You’ll have key relationships with various people across our Security, Tech Ops and Engineering Teams.

This opportunity would suit someone who is looking to take on more ownership in their role, maximise the value provided by our tools and shape the way we work in this newly formed team within Technology and Data.

At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke.  We’re looking for people to join us on our journey. If you’re looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we’re keen to speak with you. 

What you’ll be doing:

This role will help us mature our security operations through enhancing and automating various security controls. In this role, you will :

• Supervise the MSP SOC to ensure a high-quality service is provided, incidents are correctly investigated and resolved and that the maturity (inc. efficiency) of our security monitoring and incident response is continually improving
• Leverage in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.)
• Create and tune SIEM use cases (inc. Sentinel Analytic Rules and Anomaly Detection Rules)
• Build and operate SOAR capabilities (using Azure Logic Apps)
• Develop automated custom reports on security operational performance and broader security topics (using Sentinel workbooks)
• Tune and enhance our Data Loss Prevention rules (Microsoft Purview Data Loss Prevention)
• Oversee and support the operation of the various Microsoft Defender tools
• Assist with the setup and ongoing usage of Microsoft Purview Information Protection (MPIP), Microsoft Insider Risk Management, Entra Identity Protection and other data protection and compliance tools
• Mature our use of and support the operation of Entra ID (previously AAD) for IAM, Identity Governance and Privileged Identity Management
• Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
• Provide guidance and a level of oversight for vulnerability management and triage work
• Document security processes and security tool low-level design/configuration
• Contribute to the development of security service delivery and operation documentation
• Assist tech teams with integrating their systems and services with security services and tools
• Support the cloud security and application security engineers and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and threat modelling activities.

What you won’t be doing:

Working in a siloed environment with no freedom to make decisions.

Working in an environment where you can’t see the impact your expertise makes.

The environment

We’re an agile team who work in short, product focused development cycles, solving complex technology problems in collaboration with a ground-breaking team of Behavioural Scientists, Epidemiologists, Clinical Operations specialists, and Ethicists. We’ve come from start-ups, tech companies, universities, the NHS and health charities. Together we’re experienced in building and scaling big consumer products, working with different kinds of health data.

Requirements

We absolutely welcome applicants who don't think they meet all the criteria below or who have a non-traditional security background. However please bear in mind that this is a highly hands-on role and scripting skills are essential.

• Proficient in writing Terraform, KQL and ideally Python and PowerShell
• Significant hands-on experience with Microsoft Sentinel
• Significant hands-on experience with Microsoft’s Defender suite, in particular Defender for Endpoints and Defender for O365
• Experience with Microsoft Entra ID (previously AAD), including the Identity Governance capabilities
• Experience of SOAR tooling and automating security capabilities and operations
• Experience in Threat Modelling
• Exposure to Microsoft Purview tooling, in particular MPIP and Purview Data Loss Prevention
• Exposure to working with/inside an MSP SOC
• Exposure to Agile working
• Knowledge of ISO 27001
• Desire to be part of a small fast-paced team
• Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, SC-200, SC-300, SC-400), CompTIA Security+, GIAC Security Operations Certified (GSOC), Cloud Security Alliance CCSK

Benefits

• Generous company pension package with employer contributions of up to 12%.
• 30 days annual leave (plus bank holidays.)
• Continuous career development with regular appraisals and learning and development opportunities.
• A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.

Join us - let’s prevent disease together.