Security Engineer

Role:Security Engineer

Location:Manchester – 2 days a week from the office

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…https://www.nccgroup.com/uk/

The Opportunity:

The Cyber and Information Security Team play a critical role in supporting our internal business functions alongside our external customer commitments.

NCC Group’s internal security team work to develop, introduce and maintain administrative, technical and physical security controls to continually improve the Group’s security.

The Security Engineer is primarily responsible for implementing, monitoring and maintaining security tools, technologies and configurations to ensure the confidentiality, integrity and availability of Group information systems and assets.

This role presents an excellent opportunity to support this area and will help the Security Engineering Team in managing cyber risks and meeting its business requirements.

Occasional travel to NCC Group’s other office locations globally may be required.

Key Accountabilities:

• Assisting the Group in constantly striving to improve its cyber security posture, seeking out and exploiting opportunities for improvement.
• Assisting with and providing technical subject matter expertise into the design of security solutions, working in conjunction with IT Operations and Architecture colleagues.
• Implementing, supporting and maintaining security solutions (e.g. Defender for Endpoint, privileged access management systems, access policies, application management, etc.).
• Sharing security engineering expertise across the Group globally, championing implementation of best practise.
• Taking part in the investigation of security alerts and incidents, in conjunction with the Security Operations Centre and Digital Forensics colleagues.
• Taking part in the investigation, development and adoption of cyber and information security technology, process, policy and best practice.
• Working on BAU and Project tasks assigned to the Security Engineering Team.
• Working closely with the Security Program Team where required.

Skills & Experience required:

• Previous experience within an IT Security role or similar function is essential.
• Proven ability to swiftly grasp and understand technical details of new or unfamiliar technologies
• Knowledge and experience of hybrid cloud environments with a particular emphasis on EntraID/M365

Knowledge and experience of these technologies is a key requirement:

• Microsoft EntraID/Azure
• Microsoft Defender 365 (including Microsoft Defender XDR)
• Microsoft Sentinel
• Microsoft Active Directory
• Microsoft Intune
• VMWare

Experience in as many of these technologies/areas as possible is highly desirable:

• Security Frameworks (NIST, CIS etc.)
• PAM Tools and Technologies
• AWS
• Security Incident Response
• Endpoint Security (including mobile devices, Windows and Linux)
• Excellent communication skills and the ability to explain security concepts to management and other stakeholders both technical and non-technical, who may not have a security background.
• Excellent analytical and problem solving skills
• Ability to take direction and work autonomously on both Project and BAU work
• Ability to work proactively in identifying security issues then working to define and implement appropriate mitigations
• Any Security related certifications may be advantageous – Security+, Microsoft SC900, AZ900

Behaviours:

• Focusing on Clients and Customers
• Working as One NCC
• Always Learning
• Being Inclusive and Respectful
• Delivering Brilliantly

About NCC Group

The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email . All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.