Cyber Security Engineer (Ops and TA)

Job DescriptionJob Description SummaryAt Volaris, our business is acquiring, strengthening, and growing vertical market technology businesses. Our team oversees the cyber security maturity, governance, risk management and compliance state of all our business units (and there’s quite a few) no matter their industry, size, or complexity.We are seeking a Cyber Security Engineer to join our team. This role is pivotal in safeguarding our organization against cyber threats by reviewing issues and threats across multiple security systems.Job DescriptionYour task will be to recognise threat actors, tactics, and techniques, combining this information to formulate a holistic overview for our businesses and their industries. This overview will serve as the foundation for building a robust defence strategy to reduce our attack surface.In addition to reviewing and analysing threats, you'll play a crucial role in providing recommendations to address identified issues. Working closely with our cyber technologies, you will implement and document solutions to bolster our security posture. Collaboration with our reporting team will be essential, ensuring accurate visualization and output for businesses to use and reference.Furthermore, as a dual-purpose role you will require hands-on experience with the specified tools outlined in responsibilities. As needed, you'll be responsible for administration, configuration, and other tasks related to these tools. Your expertise in these areas will be instrumental in maintaining the efficacy of our security infrastructure and responding effectively to emerging threats.Job Location: The position entails a hybrid work model, requiring on-site presence two to three days a week at our Cardiff, UK office, necessitating applicants to reside within commuting distance.ResponsibilitiesAnalyse threats across our security tools stack to identify patterns and tactics employed by threat actors targeting our business and industry. Additionally, proactively detect incorrectly configured rules or identify rules no longer in use, taking responsibility to either rectify or bring attention to these issues. Review, recommend, and implement changes across all tooling, providing strategic advice on necessary cyber defence measures to reduce attack vectors and enhance overall security posture.Conduct in-depth analysis of cybersecurity threats within the M365 environment, including investigating risky users, risky sign-ins, risky workload identities, risk detections, and missing multi-factor authentication (MFA).Automate manual processes within the team to streamline security operations and enhance system efficiency.Exhibit hands-on proficiency in managing various security tools, including but not limited to credential leakage and outside-in platforms. Additionally, demonstrate the capability and eagerness to administer and implement hardening to endpoint detection and response (EDR), firewalls, web security gateway, and security email gateway as necessary.Guide our Power BI developer through reporting requirements to visualize data related to security issues and other metrics in the business. Work closely with them to ensure the data is available and accurate for reporting, verifying the data reported for sign-off.Have a thorough understanding of Identity and access management principles.Develop and document best practice security guidelines for our tools to our wider businessesRequirementsStrong analytical and problem-solving skills with a motivated and inquisitive mindset for effectively identifying and addressing complex security threats.Proficiency in scripting languages such as Microsoft PowerShell and Python preferred to automate manual processes.Demonstrate and show an understanding of key cybersecurity frameworks such as MITRE ATT&CK, MITRE D3FEND and OWASP.Experience managing credential leakage and continuous monitoring platforms to identify and mitigate security threats.Hands-on experience with security tools including M365, EDR, firewalls, web security gateway, and security email gateway for system administration and troubleshooting.Ability to document findings, set guidelines, and create documentation for processes and procedures.Excellent communication skills to articulate threat analysis findings and recommendations to both technical and non-technical stakeholders.Proven ability to work effectively in a collaborative team environment, as well as independently, to meet deadlines and deliver high-quality results.Experience in picking up and managing tickets in a ticketing system, ensuring timely resolution and documentation of tasks.Reside within commuting distance of our office located in Cardiff, UK.Any other requirements.Education and ExperienceBachelor's degree (or equivalent) in Computer Science, Information Technology, or related field.CISSP (Certified Information Systems Security Professional) or equivalent.Broad understanding of security principles and technologies with hands-on experience with security tools demonstrated.Desirable Skills and ExperienceCertified Threat Intelligence Analyst (CTIA) certification or equivalentMicrosoft Certified: Security Operations Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator Associate or equivalent.Familiarity with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems for comprehensive threat analysis.Experience of implementing DMARC compliance across the business.MySQL and ClickHouse database platforms.BenefitsWe offer a competitive salary and benefits package, designed to attract, and retain top cybersecurity talent. Here are some highlights:Competitive salary and benefits package.Professional development and training opportunities.25 days paid leave after first year of employment.Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental care / eye tests, cycle-to-work scheme.Group Life Assurance.Located in the vibrant city of Cardiff, with easy access to amenities, transportation, and a thriving cybersecurity community.Opportunity to work with cutting-edge security technologies.Hybrid work environment.