Senior Information Security Engineer

Senior Information Security Engineer Leicester (1 day per week onsite)
GBP60,000 GBP70,000 + GBP6,100 Car Allowance + Bonus

Are you an experienced Information Security professional looking for a senior role where you can influence security strategy, lead technical improvements, and work closely with an outsourced SOC? This is an opportunity to join a large UK organisation as a Senior Information Security Engineer, driving operational security and strengthening the overall security posture. This role sits between the Technology team and the Head of Information Security, providing both technical leadership and hands‑on operational capability. You will manage third‑party security partners, oversee pen‑testing activities, and ensure the organisation remains resilient against evolving threats.

Important: candidates must have the ability to obtain SC Security Clearance. (Lived in the UK for 5 or more years)

• Lead day‑to‑day security operations and act as the primary contact for the third‑party SOC.
• Analyse and interpret logs, alerts, and threat data to identify potential security incidents.
• Ensure security tooling is correctly configured, operational, and fully utilised. Threat Detection, Incident Response & Vulnerability Management.
• Support or lead security incident investigations, including root‑cause analysis and remediation.
• Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated.
• Oversee third‑party penetration tests, manage remediation plans, and maintain strong vendor relationships.

• Work with Microsoft security technologies such as Microsoft Defender, M365, Entra ID, and Azure security tools; oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges.
• Apply technical expertise to support improvements to security configuration, identity management, and endpoint security.
• Support internal teams when changes to systems may impact SOC monitoring or defensive controls.

• Contribute to security policy development and help ensure alignment with standards such as ISO 27001, Cyber Essentials, NIST, and UK GDPR.
• Assist with internal/external audits and maintain documentation to demonstrate compliance.

• Support awareness initiatives, phishing simulations, and internal training.
• Stay ahead of new threats and emerging technologies, recommending ongoing improvements.
• Mentor junior members of the security team and promote best‑practice security behaviours.

• Minimum 5 years experience in information security or related technical roles.
• Strong understanding of Microsoft Defender and modern cloud security ecosystems.
• Ability to interpret logs, security events, and SOC output to support investigations.
• Experience working with or managing third‑party SOC, SIEM, and security vendors.
• Background in overseeing penetration tests and managing remediation activity.
• Solid understanding of incident response, vulnerability management, and general cyber defence principles.
• Experience working with ISO 27001 environments or auditing.
• Excellent communication, documentation, and stakeholder engagement skills.
• Ability to obtain SC Security Clearance (essential).

• Certifications such as CISSP, CISM, CEH, GIAC, Security+, CySA+.
• Exposure to identity security, secure coding, or DevSecOps practices.

GBP60,000 GBP70,000 base salary
GBP6,100 car allowance
Bonus scheme
Hybrid working with 1 day per week in Leicester
Training & certification support
Excellent benefits package
Opportunity to shape and mature a growing security function