L1 - Cyber Engineer

VirtualArmour
Middlesbrough, United Kingdom
12 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Junior
Compensation
£ 26K

Job location

Remote
Middlesbrough, United Kingdom

Tech stack

Microsoft Windows
CompTIA Security+
Computer Security
Dynamic Host Configuration Protocol
Event Logging
Issue Tracking Systems
Network Security
Network Monitoring
Network Protocols
Phishing
Security Information and Event Management
File Transfer Protocol (FTP)
Mitre Att&ck
Malware
Azure Security Center
Information Technology
SentinelOne Expertise
Cisco networks

Job description

We are seeking a dedicated L1 Cyber Engineer to join our team on a 4-on, 4-off shift rotation, working 6:00 AM - 6:00 PM. This hybrid role offers flexibility, allowing remote work on weekends and office attendance only when shifts fall on Tuesdays, Wednesdays, or Thursdays.

The L1 Cyber Engineer is a junior-level position. Working as part of a team, the SOC Engineer's primary role is to work on helpdesk tickets for our Managed Security Services (MSS) department.

The position is a dual role, combining a Cyber Security Analyst and a Network Security Engineer at a junior level. This role will build a foundation across all aspects of MSS technologies, allowing the candidate to develop their own career path within VirtualArmour.

  • Monitor and triage security and network alerts from network monitoring, EDR/XDR, SIEM, and related security tooling; prioritize incidents based on risk and business impact.
  • Investigate endpoint threats (malware, ransomware, credential theft, persistence, lateral movement) using Microsoft Defender for Endpoint (MDE), CrowdStrike EDR, SentinelOne EDR, and Stellar Cyber XDR.
  • Identify common attack patterns (phishing, malware execution, credential abuse, lateral movement, persistence indicators) and recommend next steps.
  • Escalate complex or high-severity incidents to Tier 2/IR with high-quality handoffs (evidence, hypotheses, affected entities, attempted actions).
  • Support ongoing investigations by collecting additional artifacts/logs, re-checking endpoints, and monitoring for recurrence.
  • Document findings clearly in the ticketing system, ensuring complete timelines, evidence, and actions taken.
  • Follow SOC runbooks, playbooks, and standard operating procedures (SOPs) consistently.
  • Participate in shift handovers and maintain accurate case notes to ensure continuity of operations.
  • Identify recurring false positives, detection gaps, and tuning opportunities; propose improvements to content/rules and playbooks.
  • Stay up to date on information technology trends and security standards.
  • Adhere to company-wide best practices for IT security.

Requirements

  • Do you have experience in SIEM?
  • Do you have a Bachelor's degree?

We are seeking an L1 Cyber Engineer to join our MSS team in a Managed Security Service Provider (MSSP) environment. This role is focused on high-volume alert and ticket triage, customer-facing escalations, and first-level security investigations. The ideal candidate has strong foundational knowledge of SIEM, XDR, and EDR concepts, excellent communication skills, and the ability to follow playbooks while thinking critically under pressure.

Required

  • A strong desire to work in either Cyber security or Network security fields
  • Strong understanding of SIEM, XDR, and EDR fundamentals (telemetry types, detection logic, correlation, and response workflows).
  • Understanding of attack lifecycle concepts (MITRE ATT&CK basics, NIST, Lockheed Martin etc.).
  • Ability to analyze endpoint and security logs (Windows Event Logs concepts, process/parent-child relationships, network indicators).
  • Ability to demonstrate an understanding of IP protocols like DHCP, FTP/SFTP, HTTPS/HTTPS, TCP/UDP, SSH etc.
  • Strong written communication and ticket hygiene (clear summaries, evidence-based conclusions).
  • Comfort working in a 24x7 SOC environment and meeting SLA-driven targets.
  • Team player with strong collaboration skills and a flexible approach to problem solving.
  • 6 months - 2 years in a SOC, MSSP, or IT security operations role (internship/coop considered).
  • A bachelor's degree in cyber security or related field, or equivalent level of experience within IT.
  • Certifications (nice to have): CompTIA Security+, SC-200, CCNA, or vendor-specific endpoint/SIEM training.
  • Do you currently have the unrestricted right to work in the UK without the need for visa or sponsorship?

Education:

  • Bachelor's (preferred)

Licence/Certification:

  • CompTIA Security+ (preferred)
  • Cisco CCNA (preferred)

Benefits & conditions

  • Company pension
  • Private medical insurance
  • Casual dress
  • Work from home
  • On-site parking
  • 4 on, 4 off shift rotation.
  • If your shift falls on a weekend, you can work from home.
  • If your shift falls on a Tuesday, Wednesday, or Thursday, office attendance is required (Middlesbrough).
  • If your shift falls on Monday or Friday, work location is flexible.

Job Types: Full-time, Permanent

Pay: £26,000.00 per year
