Help secure one of the world's largest health research resources.
At UK Biobank, security isn't simply about protecting systems; it's about safeguarding one of the world's most important biomedical research resources.
Our platforms support researchers across the globe, helping advance the understanding of disease, prevention, and treatment. Protecting that data, the services that support it, and the people who rely on it is fundamental to everything we do.
We're looking for two Information Security Engineers to join our growing Security team, helping strengthen and evolve our security capabilities across cloud, infrastructure, applications, and emerging technologies.
Working closely with operational teams, governance specialists, external security providers, and technology teams, you'll support security operations; incident response; application, data, cloud and on-premise security; vulnerability management; governance; and emerging technologies.
As an Information Security Engineer, you'll play a key role in protecting UK Biobank's data, services, and technology estate.
Working closely with operational teams, governance specialists, external security providers, and technology teams, you'll support security operations, incident response, threat detection, vulnerability management, cloud security, and security tooling.
This role offers exposure across a broad range of security disciplines rather than specialising in a single area. From investigating security incidents and maintaining security tooling through to supporting cloud security controls, AI-related technologies, and wider transformation programs, you'll be involved in shaping and improving security across the organisation.
You'll also contribute to UK Biobank's Data & Technology Transformation Programme, helping introduce new technologies and security capabilities that strengthen protection while enabling colleagues and researchers to access services securely and efficiently.
For security professionals who enjoy variety, ownership, and working across multiple domains, this is a rare opportunity to broaden your experience while contributing to a genuinely meaningful mission.
You will be responsible for:
- Participating in the Security Operations support rota, including out-of-hours on-call support, assessing, triaging, and investigating security alerts from the SOC and other sources to determine relevance, severity, and required actions.
- Supporting incident response activities, including containment, eradication, and recovery, while contributing to the development and testing of security incident response plans and documenting investigations, remediation activities, and lessons learned.
- Maintaining the security tooling estate, including EDR, vulnerability management, SIEM, DLP, email security, and web security solutions, ensuring services remain healthy, effective, and optimally configured.
- Supporting the secure configuration, monitoring, and protection of assets, networks, cloud workloads across AWS and Microsoft Azure, and emerging AI services while helping embed security controls and guardrails.
- Maintaining awareness of emerging threats, vulnerabilities, and industry developments, using insight to support risk assessments, security improvements, awareness initiatives, and a positive security culture across the organisation.
To be successful, you will have:
- Relevant operational experience as a security engineer, analyst, or similar role within a complex organisation handling sensitive or highly confidential data, including experience in an out-of-hours on-call rota and operating within environments aligned to ISO/IEC 27001 and Cyber Essentials Plus.
- Experience assessing, triaging, and investigating security alerts, threats, and incidents; supporting incident response activities (containment, eradication, and recovery); proactive threat hunting; and refining detection rules, playbooks, and tooling configurations based on investigation trends and emerging threats.
- Strong experience with leading security technologies, such as EDR, SIEM, DLP, BEC protection, and vulnerability management tooling.
- Experience supporting a range of security functions, such as identity and access management (including access reviews, PAM, MFA and SSO), data security controls (including data classification, DLP, and encryption); and application security activities (including secure design reviews, SAST, DAST, software composition analysis, and vulnerability triage and remediation).
Working hours are 35 hours per week, Monday to Friday, with some flexibility, 2 days onsite with hybrid working available. Located in Greater Manchester (supporting both Cheadle and Manchester Science Park locations).
The team is planning to introduce an on-call support rota. Participation is expected to be approximately 1 week in every 4 as the function continues to grow and mature.
Our passion for diversity and equality means creating a work environment for all employees that is welcoming, respectful, engaging, and enriched with opportunities for personal and professional development.
We actively welcome applications from people with disabilities, long-term health conditions, neurodivergent candidates, and those with diverse thinking styles. We are committed to making reasonable adjustments throughout our recruitment process and in the workplace so that everyone can perform at their best. If you require any adjustments during the recruitment process, please contact Tommy Wilson
[email protected] so we can support you.
Our wellbeing score on Indeed is rated as 77%, (High) reflecting how people experience working here day-to-day. Colleagues often highlight a strong sense of purpose, supportive team culture, and the opportunity to grow.
There’s a real focus on learning, flexibility, and feeling valued, whether that’s developing new skills, contributing ideas, or building a career within Information Security.
Benefits
️ 26 Days’ Annual Leave – Plus Bank Holidays
➕ Holiday Buy Scheme
Birthday Leave
USS Pension Scheme
Healthcare Cash Plan
Enhanced Family Leave
Cycle to Work Scheme
Season Ticket Loan
Professional Subscriptions
Training & Development Opportunities
️ Free On-Site Gym
️ Subsidised Canteen Lunches
Free Car Parking
️ Employee Discounts Portal
Employee Assistance Programme
Annual Flu Vaccination
️ Life Assurance Cover
#LI-Hybrid
The job advert closing date may change, so early applications are encouraged
UK Biobank is a large-scale biomedical database and research resource containing in-depth genetic and health information from half a million UK participants.
The database, the largest and most comprehensive of its kind in the world, is anonymised and made widely accessible by UK Biobank to global researchers who use it to find new scientific discoveries about common and life-threatening diseases – such as cancer, heart disease and stroke which strike in mid-later life.
UK Biobank is an innovative organisation with over 350 staff across four sites in the UK that fosters an engaging environment and supports the development of our staff. Our dedicated teams work alongside the world's leading biomedical scientists in our joint mission to improve public health.
