Role Overview

An international organisation is seeking a hands‑on Senior Cybersecurity Engineer to strengthen and mature its security capabilities across cloud, identity, and operational environments.

Fully remote (reporting into a hiring manager based in another region).

This is a pivotal role focused on building centralised visibility, improving detection and response, and preparing the organisation for a future managed Security Operations Centre (SOC) capability.
You will work across cloud security, identity, endpoints, and infrastructure, while acting as a key technical partner to an external managed SOC provider. As the security function evolves, this role offers a clear progression path toward Cybersecurity Architect or Security Lead.

Key Responsibilities

Security Monitoring & Detection

  • Design and implement centralised security monitoring (SIEM or equivalent)
  • Prepare environments for successful managed SOC integration
  • Improve detection use cases to increase signal quality and reduce noise
  • Enhance visibility across cloud, identity, and operational systems

Managed SOC Integration

  • Act as the primary technical liaison for the managed SOC provider
  • Support SOC onboarding, log ingestion, tuning, and use‑case development
  • Validate alerts, incident handling, and reporting outputs
  • Continuously refine detection fidelity and response effectiveness

Cloud Security

  • Manage and optimise cloud‑based security controls
  • Improve web application security, bot protection, and traffic filtering
  • Monitor and analyse traffic patterns to identify threats and anomalies
  • Strengthen resilience against denial‑of‑service and abuse scenarios

Identity & Collaboration Platform Security

  • Enhance identity protection and conditional access controls
  • Improve email security and anti‑phishing defences
  • Strengthen audit logging, monitoring, and investigation workflows
  • Support investigations into user activity and account compromise

Incident Response & Operational Security

  • Establish internal incident response processes aligned with SOC workflows
  • Define runbooks, escalation paths, and operational responsibilities
  • Support incident investigations and post‑incident reviews

Vulnerability Management & Security Testing

  • Implement vulnerability scanning across infrastructure and endpoints
  • Integrate security testing into CI/CD pipelines
  • Drive remediation efforts and track risk reduction initiatives

Security Engineering & Architecture

  • Improve security controls across cloud, on‑premise, and hybrid environments
  • Embed security into both digital and operational technology environments
  • Support secure design, architecture reviews, and threat modelling

Risk & Compliance

  • Support implementation of controls aligned to recognised frameworks
  • Contribute to risk identification, mitigation, and reporting
  • Assist with audit readiness and evidence collection

Stakeholder Engagement

  • Build strong working relationships with business and technology teams
  • Act as a trusted internal security advisor
  • Improve awareness of shared security responsibilities across the organisation

Experience & Skills

Required

  • 5+ years’ experience in cybersecurity or security engineering
  • Hands‑on experience with:
    • SIEM and log management platforms
    • Cloud‑based security controls
    • Identity and access management
    • Endpoint protection
  • Strong troubleshooting, threat‑hunting, and investigation skills
  • Experience operating in complex, distributed environments
  • Familiarity with security frameworks such as ISO 27001 or NIST

Preferred

  • Experience working with or integrating managed SOC services
  • Prior involvement in log onboarding and detection tuning
  • Knowledge of security controls in CI/CD pipelines
  • Exposure to regulatory or operational resilience frameworks
  • Relevant security or cloud certifications

What Success Looks Like (6–12 Months)

  • Centralised security visibility fully established and SOC‑ready
  • Managed SOC successfully onboarded and optimised
  • High‑quality detection use cases in place with low false‑positive rates
  • Significantly improved cloud and identity security posture
  • Incident response processes aligned with SOC operations
  • Vulnerability management operating effectively
  • Clear progress toward audit and resilience readiness