Our client in the insurance sector is looking for a dynamic individual to join their team as a Cyber Security Engineer. Please note this role is hybrid.

 

Triage and support investigation of security incidents and operational issues.

Assist with vulnerability assessment and remediation activities.

Support access control reviews and identity-related security tasks.

Contribute to security tooling configuration and maintenance.

Assist with certificate and key management activities.

Collaborate with internal teams to implement security improvements.

Ensure activities align with the Group Cyber Security Framework, policies, and standards.

Participate in continuous improvement initiatives within Cyber Operations.

 

Tertiary qualifications in Computer Science, Cybersecurity, Information Technology, or related discipline are preferred but not essential.

Microsoft certifications (e.g., SC-200, SC-300, AZ-500) highly regarded.

Security operations or engineering certifications (e.g., CompTIA Security+, CySA+, GIAC certifications) valued.

CISSP or similar professional certifications are desirable.

Certifications in specific technology platforms (Palo Alto, Azure, etc.) advantageous.

 

Minimum 3–5 years’ experience in cybersecurity operations, security engineering, or related IT roles.

Experience troubleshooting technical issues in complex environments.

Exposure to security monitoring, incident response, or vulnerability management.

Experience working in regulated or enterprise environments is advantageous.

Security Principles & Frameworks

Strong understanding of security fundamentals including authentication, authorisation, encryption, network security, and defence-in-depth principles.

Understanding of Zero Trust principles and architecture including identity-centric security, least privilege access, micro-segmentation, and continuous verification.

Knowledge of cloud security principles including shared responsibility models, cloud-native security controls, and secure configuration management.

Knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS Controls).

Technical Skills

Strong analytical and problem-solving skills.

Solid understanding of IAM, network security, endpoint protection, and cloud security controls.

Ability to interpret and troubleshoot security configurations and policies.

Knowledge of certificate lifecycle management and PKI concepts.

Familiarity with Agile delivery environments.

Proficiency with work tracking and collaboration tools (e.g. Azure Boards, Jira, Confluence).

Ability to work independently while knowing when to escalate.

Technology Experience (Advantageous)

Identity platforms: Entra ID (Azure AD), Silverfort, SailPoint, Active Directory

Cloud security: Microsoft Defender suite, Azure security services

Network security: Palo Alto firewalls, F5, Netskope

Micro-segmentation: Illumio

Certificate management: DigiCert, GoDaddy

Vulnerability management: Qualys, Tenable