Cyber Tooling SME Engineer

Cyber Tooling SME Engineer
Hybrid/Remote
6 Months
Inside IR35/Umbrella

Are you a highly skilled cybersecurity tooling expert ready to shape and optimise enterprise-scale security platforms? We're looking for two Cyber Tooling SME Engineers to take ownership of critical security tooling across a complex, modern technology environment.

The Opportunity

This is a senior, hands-on engineering role where you'll lead the design, implementation, and optimisation of cutting-edge cybersecurity tooling. You'll play a pivotal role in ensuring security platforms are robust, integrated, and operating at peak performance-supporting a proactive, resilient cyber defence capability.

Working closely with product, architecture, and engineering teams, you'll translate high-level designs into scalable, secure, and maintainable solutions.

What You'll Be Doing

• Acting as the technical SME across cybersecurity tooling, including:
• Microsoft security stack (Defender, Sentinel, Purview)
• EDR/XDR platforms
• SIEM and CSPM solutions
• Leading end-to-end implementation of new tools, features, and improvements
• Owning BAU operations, including performance tuning, troubleshooting, and system optimisation
• Driving automation and integration across tooling ecosystems (including SOAR where relevant)
• Developing technical standards, runbooks, and configuration baselines
• Leading patching, vulnerability remediation, and security hardening activities
• Supporting incident response and root cause analysis
• Mentoring engineers and sharing best practice across the team
• Continuously improving system performance, resilience, and efficiency

What Success Looks Like (First 12 Months)

• Delivery of key tooling enhancements on time and to a high standard
• Stable, efficient, and high-performing security platforms meeting defined SLAs
• Measurable improvements in automation and operational efficiency
• Reduced risk through successful vulnerability remediation and hardening
• Strong documentation, automation, and knowledge-sharing established across the team

What We're Looking For

Experience & Qualifications

• 8+ years in IT, including 5+ years in cybersecurity tooling engineering
• Strong hands-on experience across:
• Microsoft Defender suite
• Microsoft Sentinel
• SIEM, EDR/XDR, CSPM platforms
• Proven experience in large-scale, enterprise or cloud environments
• Certifications such as CISSP or CISM (or equivalent)

Technical Skills

• Tooling integration, orchestration, and automation (SOAR desirable)
• Scripting (PowerShell, Python, REST APIs)
• Hybrid/multi-cloud security environments
• Strong troubleshooting and performance optimisation expertise

Bonus Experience

• Knowledge of frameworks and regulations such as ISO 27001, GDPR, NIS
• Experience contributing to tool selection and architecture decisions

Key Skills & Attributes

• Deep technical expertise with a hands-on engineering mindset
• Strong problem-solving and analytical abilities
• Ability to bridge architecture and practical implementation
• Confident stakeholder engagement across technical and non-technical teams
• Passion for mentoring and continuous improvement

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.