Senior Information Security Engineer

Leicester (1 day per week on‑site)

£60,000 – £70,000 + £6,100 Car Allowance + Bonus

Are you an experienced Information Security professional looking for a senior role where you can influence security strategy, lead technical improvements, and work closely with an outsourced SOC? This is an opportunity to join a large UK organisation as a Senior Information Security Engineer, driving operational security and strengthening the overall security posture.

This role sits between the Technology team and the Head of Information Security, providing both technical leadership and hands‑on operational capability. You’ll manage third‑party security partners, oversee pen testing activities, and ensure the organisation remains resilient against evolving threats.

Please Note: Candidates must have the ability to obtain SC Security Clearance.

Key Responsibilities

Security Operations & Monitoring

• Lead day‑to‑day security operations and act as the primary contact for the third‑party SOC.
• Analyse and interpret logs, alerts, and threat data to identify potential security incidents.
• Ensure security tooling is correctly configured, operational, and fully utilised.

Threat Detection, Incident Response & Vulnerability Management

• Support or lead security incident investigations, including root‑cause analysis and remediation.
• Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated.
• Oversee third‑party penetration tests, manage remediation plans, and maintain strong vendor relationships.

Security Engineering & Technology

• Work with Microsoft security technologies such as Microsoft Defender, M365, Entra ID, and Azure security tools. email security solutions and endpoint protection solutions (AV/EDR). Oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges.
• Apply technical expertise to support improvements to security configuration, identity management, and endpoint security.
• Support internal teams when changes to systems may impact SOC monitoring or defensive controls.

Governance, Audit & Compliance

• Contribute to security policy development and help ensure alignment with standards such as ISO 27001, Cyber Essentials, NIST, and UK GDPR.
• Assist with internal/external audits and maintain documentation to demonstrate compliance.

Security Culture & Continuous Improvement

• Support awareness initiatives, phishing simulations, and internal training.
• Stay ahead of new threats and emerging technologies, recommending ongoing improvements.
• Mentor junior members of the security team and promote best‑practice security behaviours.

Experience & Skills Required

• Minimum 5 years’ experience in information security or related technical roles.
• Strong understanding of Microsoft Defender and modern cloud security ecosystems.
• Ability to interpret logs, security events, and SOC output to support investigations.
• Experience working with or managing third‑party SOC, SIEM, and security vendors.
• Background in overseeing penetration tests and managing remediation activity.
• Solid understanding of incident response, vulnerability management, and general cyber defence principles.
• Experience working with ISO 27001 environments or auditing.
• Excellent communication, documentation, and stakeholder engagement skills.
• Ability to obtain SC Security Clearance (essential).

Desirable:

• Certifications such as CISSP, CISM, CEH, GIAC, Security+, CySA+.
• Exposure to identity security, secure coding, or DevSecOps practices.

What’s on Offer

• £60,000–£70,000 base salary
• £6,100 car allowance
• Bonus scheme
• Hybrid working with 1 day per week in Leicester
• Training & certification support
• Excellent benefits package
• Opportunity to shape and mature a growing security function