Information Security Engineer

Information Security Engineer

Birmingham

Our client are a leading provider of care, education, and therapeutic services for vulnerable children and young people across the UK. They are passionate about creating safe, nurturing environments that transform lives. As part of their digital evolution, they are seeking a skilled Information Security Engineer / Analyst to help strengthen their cyber security posture and safeguard our systems and data.

Reporting directly to the Head of IT this is a hands-on technical role focused on securing enterprise applications, infrastructure, and sensitive data. You'll be instrumental in implementing and maintaining robust security measures, conducting assessments, and responding to incidents. Collaboration across departments will be key to embedding security best practices throughout the organisation.

Key Duties & Responsibilities

• Evaluate application architecture, source code, and third-party integrations for security risks
• Support secure software development lifecycle (SDLC) processes and promote secure coding standards
• Identify and remediate vulnerabilities using industry-standard tools
• Administer and configure security technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection)
• Oversee access controls and identity management systems
• Conduct penetration testing and routine vulnerability scans
• Monitor networks and systems for threats; lead incident response efforts
• Perform root cause analysis and maintain incident response protocols
• Recommend enhancements to improve overall security posture
• Deliver security awareness training and ensure compliance with policies
• Produce monthly security reports and maintain documentation

Required Skills & Experience

• 3-5+ years of experience in cybersecurity or information security roles
• Degree in Computer Science, Information Security, or equivalent practical experience
• Familiarity with frameworks such as MITRE ATT&CK, NIST, ISO 27001, Cyber Essentials+
• Hands-on experience with tools like Nessus, Qualys, SIEM, EDR, DLP, VPNs, and firewalls
• Strong understanding of network protocols (TCP/IP, DNS, HTTP, SSH) and segmentation
• Knowledge of Zero Trust architecture and cloud-native security practices
• Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC)
• Skilled in log analysis, threat detection, and incident handling
• Excellent communication and stakeholder engagement abilities
• Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous

Salary/Package

• Basic salary of between £50k-£55k
• 4% Pension
• Life Insurance 3 x salary
• 25 days annual leave plus stautory - 1 x extra day every year for the first 3 years
• Blue Light Card
• Medicash - includes discounted gym memberships etc.

Click apply now or speak with Chris Holliday for further information.