Job Advert
About Us
At Everflow, we’re on a mission to reshape the utility industry.
We’re an award-winning, fast-growing business delivering smarter, greener water waste and connectivity solutions to businesses across the UK and we’re proud of the impact we make every day.
Our quest is simple but powerful: bringing services together to make lives simple. By saving our customers time, money, and energy, we give them the headspace to focus on what really matters growing their businesses and making an impact.
And while free coffee and ping pong are nice (very nice, actually), they’re not the reason people stay. Our culture is. We value authenticity over ego, curiosity over comfort, and progress over perfection. We trust our people, encourage bold ideas, and believe success should never come at the cost of wellbeing or belonging.
The Role
Everflow is looking for a hands-on, proactive Security Engineer to play a key role in strengthening our security posture as we continue to grow. This position sits at the heart of the Information Security function, acting as the bridge between IT and Information Security to ensure security solutions are practical, effective, and embedded into day-to-day operations.
You’ll be responsible for implementing and optimising core Microsoft security technologies, driving security improvement initiatives, and supporting operational security programmes. This is an ideal role for someone who is technically strong, comfortable working across multiple teams, and motivated to continuously improve security maturity.
What You’ll Do
You’ll be busy, challenged, and trusted to make a real difference. You’ll:
Security Engineering & Microsoft Security Stack
-
Lead rollout and adoption of data classification and Data Loss Prevention (DLP) policies.
-
Implement and administer Microsoft Purview governance and compliance capabilities.
-
Fine-tune Microsoft Defender security tooling to improve detection accuracy and reduce false positives.
-
Assist in designing and maintaining secure Microsoft cloud environments.
Vulnerability & Risk Management
-
Design and establish a structured vulnerability management programme.
-
Identify vulnerabilities and systemic weaknesses through assessments and testing.
-
Work closely with IT teams to coordinate remediation activities and risk reduction.
Security Operations Support
-
Support onboarding and integration of a third-party 24/7 MDR provider.
-
Review, triage, and assist with remediation of tickets and incidents raised by the MDR partner.
-
Monitor and investigate security events across systems, networks, and applications.
-
Maintain and optimise monitoring, alerting, and reporting processes.
Security Governance & Compliance
-
Assist with Cyber Essentials renewals and ongoing compliance activities.
-
Collaborate with internal stakeholders to ensure security controls are aligned with standards and best practices (NIST CSF 2.0)
- Contribute to continuous improvement of security operations and protective controls.
Collaboration & Stakeholder Engagement
-
Act as the key liaison between IT and Information Security.
-
Collaborate with platform, engineering and architecture teams to strengthen systems and processes.
-
Provide practical security guidance and help embed security-by-design approaches.
What We’re Looking For
We’re less about ticking boxes and more about finding the right person. You’ll probably:
-
2–4+ years’ experience in a hands-on cyber security or security engineering role (SOC, systems, or engineering environment).
-
Strong understanding of Microsoft security ecosystem (Defender, Purview, DLP, M365 security capabilities).
-
Experience investigating security alerts and supporting remediation activities.
-
Solid knowledge of Windows environments and system hardening practices.
-
Familiarity with vulnerability management processes and tooling.
-
Strong troubleshooting and problem-solving mindset.
-
Comfortable working cross-functionally and engaging with technical and non-technical teams.
-
Exposure to compliance frameworks such as NIST CSF 2.0 and Cyber Essentials.
Desirable
-
Knowledge of attacker techniques, common TTPs, and detection/response workflows.
-
Experience working alongside MDR or SOC providers.
-
Relevant degree, certification, or equivalent practical experience in IT or cyber security.
What We Offer
We take rewarding our people seriously (and not just with biscuits). You’ll get a competitive salary with annual reviews, a generous pension of up to 8% employer contribution, and life insurance worth up to three times your salary.
You’ll enjoy hybrid working (up to three days from home), the option to buy or sell up to five days of annual leave, an extra celebration holiday, and enhanced parental and sickness benefits.
There’s also free breakfast, free parking, an on-site gym at our Peterlee HQ, access to an EV company car scheme, and a cycle-to-work scheme. For your wellbeing, we offer 24/7 counselling, virtual GP access, and a healthcare cash plan covering dental, physio, and optical care because looking after people shouldn’t stop at work.
Equal Opportunities
Everflow is proud to be an equal opportunities employer. We’re committed to creating an inclusive, diverse workplace where everyone feels respected, valued, and able to be themselves. Through our Equity, Diversity, Inclusion and Belonging (EDIB) policy, we ensure fair access to opportunities for all, regardless of background.
