Overview

We’ve partnered with a global engineering manufacturer seeking an Information Security Engineer to blend light alert response with delivering security projects and rollouts across a 10k-user enterprise. In a small, lean team (no tiered SOC), you’ll work directly with engineers and business stakeholders to harden controls, ship pragmatic improvements, and support upcoming programmes like DLP and third-party risk.

Base pay range

Information Security Engineer

Type: Permanent

Responsibilities

• Respond to phishing/EDR/web proxy alerts and close the loop with clear comms.
• Design and deliver security improvements and structured technology rollouts.
• Own Microsoft fundamentals (M365/Entra, AD, web proxy) and partner on CrowdStrike/Cisco/Zscaler.
• Drive remediation with infrastructure/EUC teams; document policies and playbooks.
• Support supplier onboarding and third-party/security risk reviews.
• Contribute to security training and awareness across the business.

Skills & Experience

• 12–18+ months in an information security role with breadth (not SOC-only or vuln-only)
• Fundamentals across Active Directory, Microsoft 365/Entra, and web proxy concepts
• Hands-on with EDR/email/web security (CrowdStrike or Defender for Endpoint, Zscaler or equivalent)
• Evidence of end-to-end delivery (project/rollout/tuning) with stakeholder engagement
• Clear written/verbal communication; pragmatic, methodical, proactive
• Nice to have: basic PowerShell/KQL, Cisco exposure, familiarity with DLP and third-party risk

Benefits

• 33 days’ holiday (includes Easter weekend & May half-term), on-site collaboration culture, no on-call, early Friday finish, board-backed investment in security with real scope to upskill, on-site canteen and lakeside grounds with Saturday access to the golf course.