Cyber Security Administrator

ESP Utilities Group Ltd

Leatherhead

On-site

GBP 40,000 - 60,000

Full time

Yesterday

Job summary

A utilities organization is seeking a Cyber Security Administrator to oversee cybersecurity operations and incident responses. The successful candidate will handle Microsoft 365 and Azure environments, ensuring data security and compliance through effective management and collaboration. Ideal for candidates with 2-4 years of experience in IT or cybersecurity administration roles.

Qualifications

  • 2-4 years of experience in IT or cybersecurity administration roles.
  • Strong understanding of security configurations and compliance frameworks.
  • Experience with automated processes or scripting is advantageous.

Responsibilities

  • Monitor and manage day-to-day cybersecurity operations.
  • Respond to cybersecurity incidents and alerts.
  • Conduct security configuration reviews and updates.
  • Administer email security controls effectively.

Skills

Microsoft 365 Security & Compliance Centre
Azure AD / Entra ID configuration
Incident response workflows
Documentation and communication skills
Email security solutions
Network security tools
Vulnerability management
Endpoint protection

Tools

Microsoft Defender for Endpoint
Splunk
PowerShell
Python
Job description
Overview

The Cyber Security Administrator is responsible for the day-to-day operation, monitoring, and improvement of the organization's cybersecurity posture. This role ensures that systems and data remain secure and available through proactive management, incident response, and collaboration with SOC and SIEM teams. The successful candidate will have hands-on experience in Microsoft 365 and Azure environments, as well as familiarity with MDR, email, and network security tools.

Key Responsibilities
  • Monitor and manage day-to-day cybersecurity operations across on-premises and Microsoft environments.
  • Respond to and assist in resolving cybersecurity incidents, alerts, and escalations.
  • Work closely with the SOC and SIEM teams to triage, analyse, and remediate detected threats.
  • Conduct regular reviews and updates of security configurations, firewall rules, and endpoint protection settings.
  • Identify, assess, and remediate manual configuration vulnerabilities in systems and applications.
  • Maintain and review user access controls, MFA enforcement, and identity protection settings.
  • Review, audit, and remediate Identity and Access Management (IAM) credentials and permissions to ensure least privilege access, reduce risk of credential misuse, and maintain compliance with security policies.
  • Review, monitor, and manage Data Loss Prevention (DLP) policies and technologies to prevent unauthorized data access, transmission, or exfiltration across endpoints, email, and cloud services.
  • Assist in the implementation and upkeep of MDR (Managed Detection and Response) solutions.
  • Administer and optimise email security controls (e.g., Microsoft Defender for Office 365, Proofpoint, Mimecast).
  • Support periodic audits and compliance checks (ISO 27001, Cyber Essentials, or equivalent).
  • Document incidents, configuration changes, and policy updates accurately and consistently.
  • Contribute to continuous improvement of security policies, processes, and documentation.
Essential Skills & Experience
  • 2-4 years of experience in IT or cybersecurity administration roles.
  • Microsoft 365 Security & Compliance Centre
  • Azure AD / Entra ID configuration and security settings
  • Endpoint protection (Defender for Endpoint or similar)
  • SIEM platforms (e.g., Sentinel, Splunk, or equivalent)
  • MDR and EDR tools
  • Email security solutions (Defender, Proofpoint, Mimecast, etc.)
  • Network security tools such as firewalls, VPNs, and intrusion prevention systems
  • Strong understanding of incident response workflows and escalation procedures.
  • Familiarity with vulnerability management tools and patching practices, including manual remediations
  • Solid grasp of authentication, identity management, and least privilege principles.
  • Strong documentation and communication skills, with the ability to convey technical detail clearly
Desirable Qualifications & Certifications
  • Experience working in a hybrid cloud environment (Azure + on-prem).
  • Exposure to scripting or automation (PowerShell, Python) is advantageous.
  • Familiarity with compliance frameworks such as ISO 27001, NIST, or Cyber Essentials.
  • CompTIA Security+, CySA+, or Microsoft SC-200