Cyber Security SME2

Main Purpose of the Role:The Cyber Security Engineer is a versatile, technically capable role within CLIENT’s Cyber Security Engineering function. The engineer will play a hands-on role in delivering, maintaining, and troubleshooting key cyber security technologies while supporting the implementation of new controls and improvements.This position requires a well-rounded individual with strong foundational knowledge across Windows and Linux platforms, network infrastructure, and cyber security tooling. The successful candidate will work across a variety of use cases including platform engineering, incident response support, project delivery, and audit preparation. Familiarity with tools such as Varonis, vulnerability scanners (e.g., Qualys), SIEM, DLP, and PAM is highly desirable, as is experience with scripting or automation in PowerShell, Python, or Bash.The engineer will act as a trusted technical contact across a range of systems and controls, often leading investigations into complex issues, supporting change deployments, and ensuring documentation and support materials are accurate and up to date. The role suits someone who enjoys solving problems, is comfortable with technical ambiguity, and is ready to tackle varied challenges across the cyber estate.Key Responsibilities:You will act as a key point of contact for internal audit, IT risk, and security governance teams, ensuring alignment with regulatory frameworks (e.g., ISO 27001, SAMA, SWIFT CSCF) and internal security standards. · Core Responsibilities o Provide technical support and lifecycle management of cyber security tools such as EDR / MFA / DLP o Investigate, triage, and resolve platform-level incidents affecting security tools and controls.o Support incident response teams by providing tooling insights, logs, and root cause analysis. o Contribute to the successful implementation of new security solutions, including design input, testing, deployment, and documentation. o Liaise with infrastructure teams to troubleshoot issues related to control integration and coverage. o Assist in running vulnerability scans, analysing results, and tracking remediation efforts. o Write and maintain accurate documentation including implementation procedures, runbooks, and technical standards. o Participate in internal and external audit activities by gathering evidence, explaining configurations, and supporting reviews. o Identify control gaps or inefficiencies and suggest engineering improvements. · Risk Identification and Mitigation o Identify potential security risks posed by threat actors and gaps in existing deployments. o Collaborate with internal teams and vendors to develop mitigation plans and track remediation progress through ServiceNow. o Support organistaions security risk profile and associated operational risk reporting. · Process Optimisationo Continuously refine methodologies and workflows for improved efficiency and effectiveness. · Audit and Governance Support o Support internal and external audits by ensuring activities are documented and accessible in central repositories. o Align improvements and mitigation activities with organisational risk policies and governance frameworks. · General o Support Information Security incidents where requested. o Support Operational Security duties where requested. o Responsibility covers EMEA for Bank and EMEA for Securities technology · Key Deliverables o Fully supported and documented security tooling across multiple domains. o Timely and effective resolution of tooling and platform-related incidents. o Implementation packages and handover documents for new control deployments. o Accurate reporting of vulnerability status and policy compliance gaps. o Automation scripts, dashboards, or integrations that reduce manual workload. o Audit-ready documentation and evidence packs as required.Skills and Experience:· Education and Experience:o Strong secondary-level education is required, ideally to A-level or equivalent standard, in a technical or analytical discipline.o A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous.o 8+ years of experience in cyber security or information security roles.· Knowledge and Skills:o Strong technical experience in Windows Server and Linux environments.o Strong technical understanding of infrastructure, networking, and operating systems. o Hands-on experience with one or more enterprise cyber security tools o Knowledge of regulatory frameworks (e.g., ISO 27001, CIS, NIST). o Comfortable supporting log analysis, access control configurations, and data protection tools. o Proficiency in troubleshooting integrated systems involving AD, DNS, GPO, and networked assets o Scripting or automation exposure (Python, Ansible, or PowerShell) is desirable.o Experience collaborating with audit, risk, and compliance stakeholders. o Excellent written and verbal communication skills for technical and non-technical audiences. · Success Measures o High availability and performance of cyber tooling platforms. o Reduction in platform-level incidents through proactive support or automation. o Timely delivery of project tasks and handover documentation. o Positive feedback from IT partners, operations, and audit stakeholders. o Contribution to ongoing improvements in detection, compliance, and control effectiveness. · Soft Skills: o Excellent communication skills, with the ability to convey technical findings to non-technical stakeholders. o Strong collaboration skills, with a focus on cross-functional teamwork and vendor relationship management.o Process oriented with keen attention to detail. o Ability to proactively anticipate problems and execute solutions at a strategic level. o Ability to think strategically o Active involvement in internal and external audits and experience of managing Audit relationships. · Certifications (Nice to have) o Relevant certifications such as CISSP, Security+, CEH, GCIA, or vendor-specific qualifications (e.g., Microsoft, AWS). Desired but not necessary: · Experience working with cloud platforms (Azure, AWS) or virtualized environments (e.g., VMware). · Familiarity with ServiceNow ITSM. · Knowledge of security frameworks such as CIS Benchmarks, ISO 27001, or NIST 800-53.Personal Requirements:· Excellent communication skills· Results driven, with a strong sense of accountability· A proactive, motivated approach.· The ability to operate with urgency and prioritise work accordingly· Strong decision making skills, the ability to demonstrate sound judgement· A structured and logical approach to work· Strong problem solving skills· A creative and innovative approach to work· Excellent interpersonal skills· The ability to manage large workloads and tight deadlines· Excellent attention to detail and accuracy· A calm approach, with the ability to perform well in a pressurised environment