Lead Security Engineer

• Design, deploy, administer, and continually improve security technologies including firewalls, SIEM, MDR, intrusion detection/prevention systems, vulnerability management tools, and related monitoring and control platforms.
• Act as the lead technical owner for security engineering activities, providing subject matter expertise, technical direction, and escalation support for security-related issues and incidents.
• Configure, maintain, and optimise security tools and controls to protect against evolving threats and improve visibility, detection capability, and response effectiveness.
• Monitor networks, systems, cloud platforms, and security alerts for signs of compromise, unauthorised access, suspicious activity, or control failure, and take appropriate action in line with agreed escalation procedures.
• Investigate security incidents, coordinate technical response actions, support containment and remediation, and escalate material events to the CISO as required.
• Provide reasonable out-of-hours availability for major security incidents and participate in incident response cover arrangements as required.
• Carry out regular vulnerability assessments, security reviews, hardening activities, patch-related assurance, and security validation work across relevant platforms and services.
• Provide security-focused support and assurance for network and Azure-based services, including secure configuration, hardening, identity and access controls, logging, monitoring, and security review.
• Implement and monitor security controls across cloud environments, including Microsoft Azure and Microsoft 365, and support the secure ongoing management of cloud resources.
• Manage and support security aspects of identity and access control for relevant platforms and services, including privileged access, role-based access, and control review activity where required.
• Support the development, implementation, and maintenance of security standards, procedures, baselines, and technical controls in line with organisational policy and good practice.
• Maintain appropriate technical documentation, operating procedures, diagrams, configuration records, and evidence to support audit, governance, and operational continuity requirements.
• Support internal and external audits, regulatory reviews, supplier assurance exercises, and security assessments by preparing evidence, responding to technical queries, and assisting with remediation actions.
• Work closely with IT, project teams, business stakeholders, and third parties to ensure security requirements are appropriately integrated into new and existing services.
• Contribute to security awareness, knowledge sharing, and technical uplift across the wider IT and business teams.

• Support the organisation's compliance activities by maintaining evidence of technical controls and assisting with the closure of security-related audit or assurance actions.
• Contribute to the strengthening of cyber and operational resilience through control improvement, incident readiness, monitoring maturity, and secure service design.
• Support third-party and supplier security assurance activity where technical input is required, including reviews of services, architecture, controls, and remediation plans.

• Effective operation and continuous improvement of core security tooling and services.
• Timely identification, investigation, and escalation of security incidents and control issues.
• Improved visibility of threats, vulnerabilities, and control effectiveness across key platforms.
• Maintenance of accurate technical documentation and audit evidence.
• Delivery of practical, risk-based security engineering support to projects, IT operations, and business change.

• Experience administering and improving enterprise security technologies such as firewalls, SIEM, MDR, IDS/IPS, and related security monitoring or protection platforms.
• Strong understanding of security engineering principles across networks, systems, cloud services, and identity/access management.
• Hands-on experience of cloud platforms and cloud security controls, particularly Microsoft Azure and Microsoft 365.
• Demonstrable experience of investigating and responding to security incidents in a structured and effective manner.
• Good technical documentation, analysis, and problem-solving skills.
• Ability to communicate clearly with technical and non-technical stakeholders and provide practical security guidance.
• Relevant professional certifications such as CompTIA Security+, Microsoft Azure Security Engineer, or equivalent.
• Additional certifications in cloud security, incident response, vulnerability management, firewall administration, or Microsoft security technologies would be advantageous.
• Experience working in a regulated or audit-sensitive environment (financial services preferred).

• Highly motivated, proactive, and able to work with a high degree of ownership.
• Strong communication and teamwork skills, with the ability to work collaboratively across departments.
• Able to remain calm and effective under pressure and manage competing priorities.
• Committed to continuous learning, improvement, and professional development.
• Ability to work out of hours for incident response and out-of-hours support where required

Your specialist: Angie Westmorland

Quote job ref: 16628

Hi I'm Angie, I am working on this amazing opportunity with one of the Island's leading employers, click apply now and I will be in touch.

Submit Your CV