On behalf of FCDO we are looking for a Cyber Security Engineer (Inside IR35) for a 12 month contract. Hybrid working with travel to Milton Keynes or Glasgow as and when required.

The Foreign, Commonwealth & Development Office (FCDO) pursues our national interests and projects the UK as a force for good in the world. We promote the interests of British citizens, safeguard the UK's security, defend our values, reduce poverty, and tackle global challenges with our international partners.

We're looking for a skilled Cyber Security Engineer to join our security team. You will be responsible for designing, implementing, and maintaining the core infrastructure that supports our Enterprise Cybersecurity Operations function. This includes managing and optimising our SIEM, Log Collection & Storing, Data Pipelines, EDR (Endpoint Detection and Response) tools, and other security technologies. You will work closely with our security professionals to ensure the platforms are efficient, reliable, and scalable, enabling them to effectively detect, investigate, and respond to security threats.

As a Cyber Security Engineer your main responsibilities will be to:

• Design, deploy, and manage the security platforms, including the SIEM (e.g., Splunk, Microsoft Sentinel & Opensource alternatives) and supporting infrastructure across hybrid cloud environments.
• Monitor platform performance, troubleshoot issues, and implement optimisation to ensure high availability and data integrity.
• Configure and maintain data pipelines for ingesting security logs from various sources (endpoints, cloud services, network devices), ensuring proper parsing and normalization.
• Integrate new security tools and technologies into the existing ecosystem.
• Utilise modern methods to improve outcomes both for Security Engineering but also the SOC community.
• Create and maintain comprehensive documentation and diagrams for all platforms, configurations, and procedures.

An active DV Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks.

Requirements:

• Proven experience in a similar role, specifically with hands-on experience in managing and operating security platforms.
• Strong knowledge of SIEM technologies (Splunk, Microsoft Sentinel, etc.).
• Experience with scripting languages like Python or PowerShell for automation.
• Familiarity with cloud security platforms (AWS, Azure, GCP).
• Knowledge of network protocols, operating systems (Linux/Windows), and cybersecurity frameworks (NIST, MITRE ATT&CK, CAF).
• Experience with SOAR (Security Orchestration, Automation, and Response) platforms.
• Excellent problem-solving and analytical skills.
• Strong communication and collaboration abilities.

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident: As a member of the Disability Confident Scheme, FCDO guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy.