Nuffield Health

Cyber Security Engineer

Nuffield Health · London, England, United Kingdom

Wellness and Fitness Services · 51-200 employees

23 h ago
Mid (2-5 yrs) Full-time Temporary United Kingdom
Log in to apply, save this posting, or score it against your profile with AI.

About the role

The role involves managing and maturing security controls across the Microsoft Defender suite and Azure security services. Additionally, the engineer will develop security-as-code artefacts and support incident response playbooks.

What they look for

Microsoft Sentinel KQL Microsoft Defender Suite Azure Security Architecture Entra ID Network Security Privileged Access Management Vulnerability Management Incident Response NIST CSF CIS Controls Cyber Essentials Plus Security-as-Code Terraform Azure DevOps Bicep

Requirements

Candidates need proficiency in Microsoft Sentinel, KQL, and the broader Azure security ecosystem. Experience with network security, vulnerability management, and familiarity with UK healthcare security frameworks is required.

Benefits

Free Gym Membership Health Assessments Retail Discounts Pension Options

Full description

Cyber Security Engineer

Barbican, London | Hybrid Working (One office day a week) | Fixed-Term Contract till end of 2026 | Full-Time

Competitive salary available, depending on experience

37.5 hours per week

At Nuffield Health, everything we give our patients, members and customers would not be possible without you. Your passion, your warmth, your drive to make a difference. Whether it’s driving connecting health, helping the nation, transforming experiences, or building the career you want – we give you the support to do it all. Join our journey. It starts with you.

We are looking for a skilled and enthusiastic Cyber Security Engineer to join our growing Cyber Security practice. The ideal candidate will have previous experience working in an in-house security engineering role working collaborating within Technology Service and Product Engineering teams to build and maintain a strong security posture; mitigating security risks and fostering a proactive culture.

This role also provides the opportunity to contribute to the ongoing improvement of our cyber security detection and protection strategy.

To be succeed as our Cyber Security Engineer you will have:

  • Proficiency with security tooling, analytics tuning and reporting (e.g. Anti-virus, Microsoft Sentinel SIEM, endpoint XDR, cloud & network) and confidence in writing SIEM queries.
  • Demonstrable hands-on experience with Microsoft Sentinel, including KQL, analytics rules, and SOAR playbooks.
  • Strong working knowledge of the Microsoft Defender suite (Endpoint, Identity, Office 365, Cloud Apps, Defender for Cloud).
  • Solid understanding of Azure security architecture: Entra ID, RBAC, conditional access, Azure networking, and cloud security posture.
  • Experience with LAN, WAN, Wireless and Firewall technologies
  • Experience working with Privileged Access Management and application control solutions.
  • Experience with vulnerability management in a Microsoft environment.
  • Ability to investigate and respond to security incidents, including log analysis and forensic triage.
  • Familiarity with security frameworks relevant to a UK healthcare organisation, such as NIST CSF, CIS Controls, or Cyber Essentials Plus.
  • Good written and verbal communication skills — able to convey technical risk clearly to non-technical stakeholders.

Key responsibilities:

  • Contribute to security architecture decisions for new services, platforms, and third-party integrations.
  • Manage and mature controls across Microsoft Defender for Cloud, Defender for Endpoint, Defender for Identity, and Defender for Office 365.
  • Operate and improve Azure security services including Microsoft Entra ID (conditional access, PIM, identity protection), Azure Policy, and Defender for Cloud Apps.
  • Support infrastructure teams with secure configuration of Azure landing zones, networking (NSGs, Azure Firewall, Private Endpoints), and IaaS/PaaS workloads.
  • Develop and maintain security-as-code artefacts (ARM/Bicep templates, Terraform modules, Azure DevOps pipelines with security gates).
  • Support the development and testing of incident response playbooks and contribute to tabletop exercises.
  • Provide guidance and uplift to colleagues on security best practice within the Microsoft ecosystem.

Helping you feel good.

We want you to love coming to work, feeling healthy, happy and valued. That’s why we’ve developed a benefits package with you in mind. Here, you can choose from a range of fitness, lifestyle, health and fitness wellbeing rewards, such as free gym membership, health assessments, retail discounts and pension options.

At Nuffield Health, we take care of what’s important to you.

If you like what you see, why not start your application now? We consider applications as we receive them and reserve the right to close adverts early (for example, where we have received an unprecedented high volume of applications). So, it’s a good idea to apply right away to ensure you’re considered for this role.

Apply today… It starts with you.