Incident Response & Risk Management
· Support the management of security incidents in coordination with relevant stakeholders.
· Assist with the development of automation playbooks and webhooks to improve response efficiency and consistency.
· Help document and implement mitigation measures, contributing to post-incident reviews and lessons learned.
· Participate in penetration test preparation, remediation tracking, and validation activities.
Microsoft 365 Security & Cloud Platforms
· Support administration and policy management within Microsoft 365, including Purview, Entra, and Intune.
· Contribute to Active Directory security reviews, access control improvements, and privileged account auditing.
Governance, Compliance & Audit
· Assist with compliance activities, internal audits, and participation in third-party or client security assessments.
· Support vendor due diligence and maintain supplier risk documentation.
· Maintain awareness of and alignment with frameworks including Cyber Essentials+, ISO 27001, and related standards.
· Ensure documentation, evidence, and audit trails are maintained to demonstrate control effectiveness and compliance.
· Contribute to the secure design and review of systems and applications by applying Secure Development Lifecycle principles throughout change and deployment processes.
Awareness & Training
· Support education through phishing simulations and awareness campaigns.
· Contribute to the development and delivery of clear, engaging security materials for both technical and non-technical audiences.
· Promote positive cyber behaviours and act as an ambassador for information security across the business.
Technical Development & Automation
· Apply PowerShell or Python scripting to improve automation, reporting, and response processes.
· Support Privileged Access Management (PAM) and Identity Access Management (IAM) activities.
· Develop hands-on experience in endpoint detection and response (EDR/XDR) platform tuning and maintenance.
Knowledge & Experience
· Proven understanding of security best practices and implementation across enterprise environments.
· Hands-on experience with:
o SIEM, XDR, and log ingestion (syslog, APIs, parsers).
o Mail gateways and phishing protection (KnowBe4, PhishER, Mimecast).
o Privileged remote access and VPN solutions.
o Firewall and web filtering solutions, with an understanding of networking and infrastructure.
o Vulnerability management tools (Tenable, ManageEngine).
o Microsoft 365 stack, as well as Active Directory and Group Policy.
o Penetration test engagement and remediation processes.
· Awareness of Cyber Essentials+, ISO 27001, GDPR, and data protection requirements.
Skills & Behaviours
· Precise and articulate communicator with strong documentation standards.
· Analytical, thorough, and structured approach to problem solving.
· Demonstrates integrity and a clear commitment to doing what is right.
· Strong stakeholder engagement and collaboration across IT and business teams.
· Proactive, hands-on mindset with the ability to learn and adapt quickly.