Cyber Security Engineer - Defence

Cyberfort
Liverpool
1 month ago
Applications closed

Related Jobs

View all jobs

Cyber Security SOC Lead

IT Assistant Engineer

Siemens NX Architect

Lead Auditor Aerospace 41472

Senior Orbital Analyst

IT and SOP Assistant Role

Job Title:

Cyber Security Engineer

Reporting to:

Head of Defence and Aerospace Consultancy

Location:

Remote with travel to customer site (Feltham)

Role Requirements:

  • Must hold a current government security vetting at SC level OR Be eligible to obtain such clearance.
  • Must be currently resident in the UK
  • Must have resided in the UK for the last 5 years consecutively.

Desirable

  • Previous experience within defence.
  • Delivering Security within agile projects

Reward Package:

  • Salary Package - £65,000 - £85,000 DOE
  • 25 days annual holiday + Birthday off in addition and option to buy/sell additional 5 days
  • Company Pension Scheme
  • Private medical Cover
  • Life Assurance
  • Extensive non-taxable benefits

THE ROLE

This is an exciting opportunity to join our world class Consultancy arm, as a Senior/Lead Cyber Security Risk Consultant, supporting the next phase of Cyberfort’s growth. You’ll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. We work across a number of sectors with a diverse client base. We aim to create an environment where everyone can reach their full potential. We work together, we are passionate, creative, and we embrace difference.

In this role you’ll work within our Consulting team, supporting new and existing clients across various sectors to define and implement security risk assessment and best practice solutions that match their requirements. You’ll work in close partnership with clients to ensure the delivery of expert services by complementing their inhouse Information and Cyber Security resources combining expertise in information security, solution architecture and business advice.


As a Security Consultant, you will be involved in a variety of work which may include responsibility for leading, advising and implementing risk management frameworks, Information Security Management Systems, Enterprise Security Risk Management (2nd line assurance), 1st line identification of risks relating to Security Architecture, maintaining an awareness of published vulnerabilities and best practices across various platforms, especially cloud infrastructures, leading and delivering security assurance coordinator activities, providing Security & Information Risk Advice. Working across the business and multiple technology platforms, you will play a key role in ensuring our clients make the best use of their existing technology and make proportionate, risk-informed decisions, ensuring protection of client assets and transformation of their security architecture.


This role forms part of the wider Consultancy team and will work cross functionally with the Delivery Managers and others to support and assure project delivery through all phases of the agile workflow. As a team we’re always looking to raise the bar, learn new things and incorporate new technologies and you will too! You’ll share your knowledge with the team and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements.


Responsibilities:

General Responsibilities:


Vulnerability Scanning & Reporting

Perform regular vulnerability scans and generate reports utilising the below tool sets. The process should be focused on ensuring that the below tool sets are kept up to date and ensure that scans are performed regularly to help assist the Vulnerability and Patch Manager with identifying weaknesses in the system.

  • SonarQube: perform regular scans with SonarQube to audit code quality metrics, potential bugs, and security vulnerabilities.
  • Trivvy:perform regular scans with Trivvy to identify vulnerabilities within containers.
  • Nessus:perform regular Nessus scans and ensure that the warehouse and plugins are kept up to date to capture new vulnerabilities.
  • Reporting:assist the Vulnerability and Patch Manager withgenerating regular vulnerability management reports, which are to be provided to the P-ASG cyber security and IA lead.


Endpoint Security

  • Trellix:perform regular updates to Trellix to ensure the latest packages are applied and policies are amended to keep up to date with new and emerging threats.
  • Antivirus and Anti-malware Protection:perform compliance checks to ensure that antivirus and anti-malware protection is deployed successfully and being kept up to date by the relevant team.
  • Firewalls:perform compliance checks and regular audits of Firewall rules to ensure that unauthorised access and threats are being blocked.
  • Access Control:ensuring that access controls have been implemented correctly to only allow authorised users to gain access to certain data and systems.


Incident Management & Tickets

  • Incident Identification:help to recognise and confirm potential incidents through alerts, logs and user reports. This includes distinguishing between true threats and false positives.
  • Incident Response:respond to potential security breaches or cyber-attacks. The main effort should focus on containment, mitigating the damage, investigation of the root cause of the incident and restoring to normal operations.
  • Ticket Requests:respond to and resolve any tickets raised to the Leidos Security group on SD+ that require Cyber Security Engineering input.


System Hardening

  • Patch Updates to Security Products:ensure that the following security tool sets are kept up to date with regular security patches and software updates to fix vulnerabilities and improve system security:
  • Trellix
  • Bolden James
  • Nessus
  • SonarQube
  • Trivvy
  • System Compliance:perform regular system compliance audits and updates to ensure that the systems are compliant with industry best practices. This includes CIS, STIG, NIST etc.
  • Security Enforcing Group Policy Objects (GPOs):perform regular reviews and updates to security enforcing GPOs to ensure that they are compliant and fit for purpose.
  • Vulnerability Assessments:conduct periodic assessments to identify and address potential vulnerabilities.


Change Work

  • Security Impact Triage Tool (SITT):if a SITT is required for new software or hardware then it is the responsibility of the Cyber Security Engineer to fill outSection 2of the SITT tool.
  • Security Evaluation, Testing and Assurance (ST&V):perform Security, Evaluation, Testing and Assurance activities for any new changes that are planned in as part of PI Planning.


Participation in Regular Meetings

Cyber Security Engineers are expected to lead or attend numerous meetings that require their input. This includes the following:

  • Security Working Group (SWG):Lead Cyber Security Engineer to attend.
  • Vulnerability Triage:Lead Cyber Security Engineer to manage and other Cyber Security Engineers to attend.
  • Security Workshop:All Cyber Security Engineers to attend.
  • PI Planning:Change Cyber Security Engineers to participate and attend.
  • Daily Standups (Blue/Green Team):Change Cyber Security Engineers to attend every day.


Documentation

Cyber Security Engineers are responsible for creating, maintaining and reviewing detailed documentation. This includes High-Level & Low-Level Designs (HLD/LLD), Standard Operating Procedures (SOP) and compliance reports.

To be Great at the role:

  • Be customer focused and a strong verbal and written communicator.
  • Possess strong hands-on experience in reviewing project delivery plans relating to security systems; evaluation of network and security technologies; developing requirements for network and cloud security designs as well as hardware & software, able to implement cyber security and risk management frameworks, deliver cyber risk assessment in line with established risk methodologies, providing Security & Information Risk Advice.
  • Have experience building and implementing secure by design principals within the software development lifecycle (SDLC).
  • Possess awareness and understanding of HMG and NCSC Security policies, standards and guidance, alongside MOD Joint Service Publications i.e. JSP440 and JSP604
  • Passionate in cyber security.
  • Motivated, self-directed and able to work in large and virtual teams.


Our Purpose:


The Cyberfort Group is a community of 180+ passionate people united by one overall mission... to make the world safer, one business at a time. We are the "one-stop shop" for all things cyber and are working to build a centre of excellence for our customers by building an amazing place to work, learn and develop for our people.


We work with a diverse range of clients, including large Governmental departments as well as other public sector organisations and businesses within the private sector. We're growing our business and our team through our continuous investment in developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threat intelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market.


If that sounds like you, we'd like to see......

  • Your CV


Find your place at the Cyberfort Group -Our vision is to bring together technology, people, expertise, facilities and leaders in Cybersecurity to create capability that is second to none. We aim to create a workplace that leverages the expertise of people from a diverse range of backgrounds that are to be themselves, are celebrated for thinking differently and work together as one team.

We know that a one size fits all approach to our recruitment and selection practices will not allow us to reach some of the incredible people that are out there and it’s common practice for us to make adjustments. When you apply to work for us please let us know if there’s anything we can do to allow you to showcase your skills and talents to the best of your ability.

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Rural-Remote Space Jobs: Reaching for the Stars Beyond City Limits

A Fresh Horizon for UK Space Professionals When most people think of space industry jobs, their minds drift to launch pads in Florida, sophisticated mission controls at NASA, or even satellite facilities in the heart of London. However, the space sector is increasingly decentralised and offers abundant opportunities across the UK—well beyond the capital. At UKSpaceJobs.co.uk, we’ve observed a surge in vacancies that allow for rural or coastal living, prompting jobseekers to search for “space jobs in the countryside” or “tech jobs by the sea.” A variety of factors—rising remote work, cloud-based engineering tools, and demand for diverse local test sites—are fuelling this movement. Britain’s beautiful rural and seaside regions no longer represent peripheral backwaters for the space sector. Instead, they host emerging launch sites, small satellite enterprises, research hubs, and remote teams that keep pace with the nation’s growing ambitions in Low Earth Orbit (LEO), deep-space missions, and Earth observation technologies. If you’re a satellite engineer, an astro-data analyst, or a space project manager craving fresh air and lower living costs, this article is for you. Below, we’ll explore how rural-remote space roles are exploding in popularity, the specific benefits (and potential hurdles) of working outside major cities, and the practical steps you can take to launch your space career amidst rolling hills or ocean vistas.

Jobs

Quantum-Enhanced AI in Space—Propelling the Next Frontier of Exploration

Space exploration has long been a showcase of human ingenuity—launching satellites that enable global connectivity, sending probes to other planets, and even eyeing the possibility of interplanetary travel. Yet, as missions become more complex—think long-duration travel, real-time data analysis from distant probes, and advanced Earth observation—traditional computing methods can struggle to handle the colossal volumes of data and the intricate physics involved. Artificial Intelligence (AI) has helped automate some decision-making (like autonomous rovers on Mars), but the tasks ahead—such as on-orbit servicing, space debris management, or deep-space exploration—demand a new tier of computational capability. Enter quantum computing, a revolutionary technology that harnesses phenomena like superposition and entanglement to perform certain computations at speeds unimaginable on classical hardware. By merging quantum hardware with AI—often termed quantum-enhanced AI—the space sector stands to overcome limitations in orbital mechanics, big-data analytics, and complex resource optimisation. From more efficient satellite constellations to cutting-edge astrophysical research, this synergy could herald a new era of space exploration and commercial ventures. In this article, we will: Survey the current challenges in space-based missions, from planning and operations to data processing. Demystify quantum computing—how qubits differ from bits and why quantum algorithms can outperform classical ones in specific contexts. Examine how quantum-enhanced AI can transform various space applications, such as satellite fleets, deep-space comms, Earth observation, and more. Identify the main roadblocks (hardware maturity, data transfer) and how the industry might address them. Highlight new career pathways, skills, and roles emerging at the crossroads of space technology, AI, and quantum computing—particularly in the UK. Whether you’re a satellite engineer, astrophysicist, data scientist, or a space enthusiast curious about where technology is heading, read on. Quantum-enhanced AI may become the linchpin for the next wave of advances in space exploration, driving more efficient missions, groundbreaking research, and a thriving job market.

Jobs

Space Jobs at Newly Funded UK Start-ups: Q3 2025 Investment Tracker

Space exploration and satellite technology have morphed from government-driven endeavours into a global commercial race—one that the United Kingdom is actively participating in. Between cutting-edge satellite constellations, in-orbit servicing, and innovative propulsion systems, the UK’s space sector is witnessing a renaissance fuelled by venture capital, supportive policies, and an ever-expanding pool of engineering and scientific talent. In this Q3 2025 Investment Tracker, we shine a spotlight on newly funded UK start-ups that are blazing a trail in space technology. We’ll detail their funding rounds, the types of roles they’re recruiting for, and how you can seize these opportunities by registering on UKSpaceJobs.co.uk—your gateway to career openings in the UK’s flourishing space industry. Whether you’re a propulsion engineer, satellite software specialist, or a commercial manager eager to shape humanity’s final frontier, read on to discover the latest space start-ups and how you might join their missions.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.