# Cyber Security Engineer

**Company**: Quantexa
**Location**: London
**Work arrangement**: hybrid
**Experience**: senior
**Job type**: full-time
**Category**: Engineering
**Industry**: Technology

**Apply**: https://jobs.workable.com/view/5jNMqMFg7cJnLPEDaozihW/hybrid-cyber-security-engineer-in-london-at-quantexa
**Canonical**: https://yubhub.co/jobs/job_4474c998-9c7

## Description

### What we're all about

At Quantexa, we're a team of innovators and problem solvers who are passionate about creating real change for our clients and their industries. We're driven by a desire to do things better than the last time, and we're always looking for talented individuals to join our team.

### The opportunity

We're seeking a highly skilled Cyber Security Engineer to join our Security Operations team. As a Cyber Security Engineer, you will play a key part in protecting Quantexa's systems and data from cyber threats. You will be responsible for the day-to-day operation, optimisation, and monitoring of core security platforms, with a particular focus on Zscaler, Cloud monitoring through Wiz, and Endpoint Detection and Response through CrowdStrike.

### Responsibilities

#### Wiz (Cloud Security Posture Management)

- Monitor and triage Wiz findings daily, validating alerts and determining operational impact.

- Perform tuning and threat hunting within Wiz and other tooling.

- Identify misconfigurations, excessive permissions, and exposed assets, escalating where required.

- Track remediation progress with engineering owners and ensure closure of high-priority issues.

#### Zscaler (Web Security Tunnel 2.0)

- Review and triage Zscaler alerts and policy violations, following documented response procedures.

- Investigate suspicious traffic, access attempts, and user activity to determine legitimacy and risk.

- Support enforcement actions by validating policy alignment and working with IT and Cloud teams to remediate issues.

- Monitor coverage and configuration across users and locations, identifying gaps or misconfigurations.

- Support policy tuning by analysing false positives and recommending rule or policy adjustments.

- Contribute to playbook development, operational maturity, and ongoing service readiness.

#### CrowdStrike (Endpoint Detection and Response)

- Review and triage endpoint detections, applying documented response steps.

- Execute containment actions, including network isolation and sensor troubleshooting.

- Validate full sensor coverage across the estate and address gaps in coordination with IT.

- Support tuning activities by analysing false positives and proposing rule refinements.

- Contribute to playbook improvements and operational readiness tasks.

#### Security Operations

- Conduct initial investigation of security incidents, collect evidence, and escalate based on severity with a keen eye on the quality of the output.

- Perform daily review of alerts across our SIEM, Wiz, CrowdStrike, and other platforms.

- Validate vulnerabilities and configuration weaknesses raised by scanning tools.

- Interpret and operationalise threat intelligence, understand how it informs detection, prioritisation, and response activities, and clearly communicate technical threat intelligence to non-technical stakeholders.

- Support cloud security controls, identity hygiene checks, and network policy reviews.

- Contribute to the ongoing maturity and documentation of operational processes.

#### Collaboration and Ways of Working

- Act as a trusted operational partner to the Cyber Security Manager and the wider Information Security team, providing proactive support and consistent engagement.

- Partner closely with DevOps, IT, and Engineering teams to drive timely and effective remediation actions.

- Deliver clear and concise updates on incidents and operational activities proactively, without the need for prompting.

- Actively participate in team stand-ups, contributing constructively to continuous improvement and operational maturity.

- Support senior engineers with platform enhancements, integrations, and controlled change activities.

### What you'll bring

- Demonstrated hands-on experience with security operations, incident triage, or vulnerability management.

- Familiarity with EDR platforms (ideally CrowdStrike) and security telemetry analysis.

- Knowledge of cloud environments, particularly Azure including Entra and Conditional Access, and a good understanding of cloud security concepts.

- Ability to understand alert context, assess impact, and follow structured response processes.

- Strong attention to detail, disciplined documentation, and good communication skills.

### Benefits

- Competitive salary

- Company bonus

- Hybrid workplace & free access to global WeWork locations & events

- Pension Scheme with a company contribution of 6% (if you contribute 4% or more)

- 25 days annual leave

- Flexible working hours

- Professional development opportunities

- Access to a range of employee benefits, including health insurance, gym membership, and more

## Skills

### Required
- Cloud Security Posture Management
- Endpoint Detection and Response
- Web Security
- Security Operations
- Threat Intelligence
- Cloud Security
- Azure
- Conditional Access
- Entra
- CrowdStrike
- Wiz
- Zscaler
- SIEM
- Vulnerability Management
- Incident Triage
- EDR Platforms
- Security Telemetry Analysis

