We are looking for a Cyber Security Officer to support the security of our UK business operations, systems, users, and digital infrastructure.
This is a hands-on role suited to someone with a strong cyber security background who can work across threat detection, vulnerability management, identity security, incident response, security documentation, and practical risk reduction.
You will help strengthen the security of our Microsoft 365 environment, endpoints, user accounts, cloud services, networks, supplier systems, and internal business platforms. This role is not a traditional monitoring-only SOC position. It is suited to someone who can investigate issues, improve controls, document risks, and work with technical and non-technical teams to reduce cyber security exposure.
Role: Cyber Security Officer
Location: UK-based, hybrid/remote with occasional travel when required
Hours: Full-time, 37.5 hours per week
Contract: Permanent
The Role
You will support cyber security operations and improvement across the business, including Microsoft security, vulnerability management, incident response, access control, and security governance.
Key responsibilities include:
- Monitor, investigate, and respond to cyber security alerts, suspicious activity, and potential incidents.
- Support security across Microsoft 365, Defender, Entra ID / Azure AD, MFA, conditional access, and endpoint protection.
- Review user access, permissions, identity risks, and privileged account controls.
- Identify vulnerabilities, misconfigurations, and security weaknesses across systems, devices, networks, and cloud services.
- Support vulnerability assessment activity using appropriate security tools and manual investigation methods.
- Assist with incident response, phishing investigation, malware analysis, log review, and root cause analysis.
- Maintain security documentation, incident records, risk registers, technical reports, and remediation tracking.
- Support cyber security awareness, internal guidance, and best-practice processes for staff.
- Work with IT, management, and external suppliers to improve security controls and reduce business risk.
- Support compliance activity relating to data protection, internal security standards, supplier assurance, and cyber security good practice.
- Keep up to date with current cyber threats, attack methods, vulnerabilities, and defensive controls.
What We’re Looking For
We are looking for a practical cyber security professional who can combine technical investigation with clear documentation and business-focused security improvement.
Essential experience and skills:
- Experience in cyber security, IT security, infrastructure security, incident response, security research, or a closely related technical role.
- Strong understanding of cyber security principles, including threat detection, vulnerability management, access control, secure configuration, and incident response.
- Working knowledge of Microsoft 365 security, Entra ID / Azure AD, MFA, endpoint security, and identity management.
- Understanding of networks, TCP/IP, DNS, HTTP/HTTPS, firewalls, endpoint protection, and common attack techniques.
- Ability to investigate phishing, malware, suspicious login activity, endpoint alerts, and security events.
- Experience with security tools such as Wireshark, Nmap, OpenVAS, Burp Suite, Metasploit, Suricata, Snort, or similar.
- Ability to prepare clear security documentation, technical findings, remediation guidance, and risk summaries.
- Good communication skills and the ability to work with both technical and non-technical stakeholders.
- Ability to work independently in a remote or hybrid environment while maintaining accurate records and regular reporting.
Nice to Have
- Degree or MSc in Cyber Security, Computer Science, Software Engineering, or a related subject.
- Experience with digital forensics, malware analysis, penetration testing, or vulnerability assessment.
- Knowledge of SIEM, log analysis, alert investigation, and security monitoring concepts.
- Experience with AWS, Azure, virtualisation, Linux, Windows Server, Active Directory, or PowerShell/Python scripting.
- Cyber security training or certifications such as Cisco Cyber Security Operations, CCNA, GDPR/Data Protection, or equivalent.
- Understanding of Cyber Essentials, ISO 27001 principles, NIST, CIS Controls, or other security frameworks.
Benefits
- Hybrid/remote working arrangement
- 25 days annual leave plus bank holidays
- Pension scheme
- Professional development and certification support
- Opportunity to develop across cyber security operations, incident response, vulnerability management, cloud security, and security governance
Right to Work and Sponsorship
Applicants must have the right to work in the United Kingdom or be eligible for sponsorship under the Skilled Worker route. Sponsorship may be considered for a suitable candidate where role, salary, skill level, and eligibility requirements are met.
Pay: £37,000.00-£49,000.00 per year
Benefits:
- Employee mentoring programme
- Free parking
- On-site parking
- UK visa sponsorship
- Work from home
Work Location: Hybrid remote in Rotherham S60 2JB