Cyber Security Engineer
Indexed description
Overview
The Senior CyberSecurity Engineer will own the hands-on technical security of a leading healthcare and dental care provider’s web estate, Azure cloud infrastructure, and emerging AI services. Reporting to the Director of IT, this role sits at the intersection of infra, product, and delivery teams. The focus is keeping the organisation secure without slowing it down — hardening web ingress controls, securing identity and access, and building security guardrails for AI adoption. Day-to-day security monitoring is handled by our SOC team; this role goes deeper: owning Azure security posture, managing WAF and edge security, and embedding security into how the organisation builds and runs software.
Responsibilitie
- sWeb Ingress & Application Securit
- yOwn and maintain WAF configuration across Cloudflare and Akamai, tuning rules and responding to emerging threats
- .Review and improve web ingress controls including DDoS mitigation, rate limiting, and certificate management
- .Apply OWASP principles across the organisation’s web applications, working with development teams to identify and remediate vulnerabilities
- .Lead API security design and governance, ensuring consistent security controls across platform APIs
.
Cloud & Platform Securi
- tyOwn Azure security posture using Microsoft Defender for Cloud, identifying and remediating risks across the hybrid estat
- e.Define and maintain security baselines for Azure workloads, virtual networks, and on-premise systems in transitio
- n.Work with the Platform Engineering team to ensure cloud infrastructure is built and deployed securely, including network segmentation and least-privilege control
s.
Identity & Access Managem
- entOwn and maintain Entra ID configuration, Conditional Access policies, Access Packages, and app registrations across the organisati
- on.Define and enforce identity governance standards, ensuring access reviews, lifecycle management, and role hygiene are maintain
- ed.Work with the wider engineering team to ensure application-level identity is implemented consistently and secure
ly.
AI & Emerging Technology Secu
- rityDefine security guardrails and controls for the organisation’s AI and automation capabilities, covering data handling, prompt injection risks, and model access contr
- ols.Work with the AI and Automation Lead to ensure AI solutions are designed and deployed with security by design from the out
- set.Stay current with AI security risks and emerging attack vectors, translating threat intelligence into practical contr
ols.
Security Engineering & Stan
- dardsEmbed security into CI/CD pipelines and DevOps workflows, championing shift-left practices across engineering t
- eams.Define and maintain security standards, patterns, and guidelines for use across platform and product deli
- very.Participate in architecture and design reviews, providing security input as part of the delivery lifec
ycle.
Threat Intelligence & External Partne
- rshipsAct as the internal interface for Arctic Wolf, the organisation’s outsourced MDR provider, triaging escalations and feeding intelligence back into the engineering enviro
- nment.Use intelligence from Arctic Wolf and external sources to proactively harden controls before threats materi
- alise.Monitor the external threat landscape relevant to the healthcare and dental s
ector.
Skills and Exp
erienceExp
- erience5+ years in a hands-on cybersecurity engineering or security architectur
- e role.Proven experience managing WAF and edge security at scale, using Cloudflare, Akamai, or equivalent pla
- tforms.Deep hands-on experience with Microsoft Defender for Cloud, Entra ID, Conditional Access policies, and Azure app registr
- ations.Practical knowledge of API security, OWASP Top 10 remediation, and secure web application
- design.Experience working embedded in engineering or platform teams within an Agile/DevOps envir
- onment.Familiarity with AI and LLM security risks and emerging best practices for securing AI-powered s
- ystems.Experience working with or alongside outsourced MDR or SOC pro
- viders.Exposure to identity governance practices including access reviews, lifecycle management, and role-based access c
- ontrol.Experience in a healthcare, dental, or regulated industry context is a stron
g plus
- .
SkillsAbility to communicate security risk clearly to non-technical stakeholders without resorting to - jargon.Pragmatic approach to risk: knows when to enforce, when to escalate, and when to accept, without becoming a
blocker.
Personal A
- ttributesA collaborator first: builds trust with engineering, product, and platform teams rather than polic
- ing them.A role model of the organisation’s people values who brings a calm, measured approach to incidents and a genuine curiosity for the threat l
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search