Cyber Security Operations Engineer
Role details
Job location
Tech stack
Job description
We are looking for a Cyber Security Operations Engineer with strong SecOps, IAM, and cloud security experience to help elevate our security posture. You will focus on identity, access governance, endpoint protection, threat detection, and operational security controls, while collaborating closely with our platform and engineering teams.
Reporting directly to the Chief Technical & Product Officer, this is a hands-on role where you will design, implement, automate, and maintain security controls across our cloud, SaaS, and device estate. You'll help mature our security operations, strengthen defences, and proactively reduce risk across the business.
While the role is security-first, a working understanding of cloud platforms (AWS) and modern engineering workflows will help you partner effectively with our platform team., * Implement and maintain Access policies aligned to best practice.
- Automate Joiner, Mover, Leaver (JML) processes where possible.
- Conduct monthly access reviews for critical systems and automate reporting.
- Enforce least privilege, role-based access, and credential hygiene across all environments.
Security Operations
- Maintain an inventory of all SaaS applications, users, and access patterns.
- Manage endpoint security tools (AV/EDR) and ensure full device coverage and compliance.
- Monitor and enhance logging, alerting, and detection pipelines across cloud and SaaS systems.
- Work with our SOC partner on investigations, tuning, alert health, and visibility gaps.
- Perform vulnerability management across identities, devices, and cloud workloads.
Threat Intelligence, Hunting & Monitoring
- Integrate relevant CTI insights and attacker TTPs into detection and response workflows.
- Conduct targeted threat hunts using IOCs, behavioural patterns, and identity anomalies.
- Improve detections based on real-world threats relevant to UniHomes.
Governance, Compliance & Operations
- Contribute to incident response planning and participate in post-incident reviews.
- Pro-active PEN testing and ownership of PEN test reporting.
- Support audit readiness by producing evidence of controls and maintaining documentation.
- Improve security processes, playbooks, and automation across IAM, SaaS, cloud, and endpoints.
- Clearly communicate security status, risks, and improvements across teams.
Platform Collaboration (not ownership)
- Work with platform engineers to ensure workloads follow secure configuration principles.
- Provide guidance on IAM, network access, logging, and hardening for AWS services.
- Support platform initiatives (e.g., observability, configuration standards, resilience) where security input is required.
Requirements
- SC-900 Compliance & Identity Fundamentals
- Microsoft Certified Associate-level certifications in either SC-300/200/400/500
- Strong experience in identity security (Entra ID / Azure AD).
- Good understanding of IAM principles: RBAC, least privilege, Conditional Access, MFA.
- Experience with security operations, logging, and incident handling.
- Understanding DLP, or data governance tooling.
- Familiarity with Cyber Essentials, ISO27001, PCI DSS, or similar frameworks.
- Exposure to SIEM/SOC tools and detection tuning.
- Hands-on experience with EDR/AV platforms and device security.
- Familiarity with automating security tasks using PowerShell, Python, or similar.
- Experience managing SaaS applications, user access, and configuration drift.
- Understanding of cloud security fundamentals (AWS or Azure).
- Strong analytical and problem-solving skills with attention to detail.
- Effective communication skills and ability to work cross-functionally.
- Proactive mindset with a desire to continuously improve security posture.
Desirable
- Experience with Infrastructure-as-Code concepts.
- Basic knowledge of Kubernetes (EKS) and container security.
- Experience supporting or participating in audits.
Benefits & conditions
With people and culture at the heart of our organisation, we are continually enhancing our employee offer and culture. We are incredibly proud to have been officially certified as a Great Place to Work® (GPTW®) and an accredited Living Wage employer - all our employees earn a fair living wage above the government minimum wage.
Working in our stunning new office at New Era Square in the centre of Sheffield, you will get complimentary breakfast, hot & cold drinks, snacks, pool table, holidays, length of service days, voluntary day, enhanced pension scheme, pension salary sacrifice scheme, healthcare scheme, Employee Assistant Programme, sick pay, enhanced maternity & paternity pay, career progression, a commitment to personal and professional development, employee of the month award, refer a friend scheme, staff discounts, mental health and financial support, and company social events.
At UniHomes we are committed to fostering an inclusive and diverse workplace where everyone can thrive and which values individuals for their unique perspectives. We welcome candidates from all backgrounds, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, or sexual orientation.
Please let us know if you require any reasonable adjustments to make the recruitment process more accessible to you.
Applicants must already have the permanent and unrestricted right to work in the UK. Unfortunately, we are unable to offer visa sponsorship as we do not hold a sponsor licence.
We want to hear your unique voice in your application. We love AI, but relying on it solely to write your cover letter and answer the application questions is a missed opportunity to showcase the originality and personality that will make you stand out. Show us the real you.
