Cyber Security Engineer
Posted 2026-06-26Cyber Security Engineer | Permanent | Full time | Home based | Competitive pay plus fantastic benefits
About the Role
You will be part of a growing cyber security engineering function responsible for the design, implementation and continuous improvement of Spire’s security controls and platforms. This role is engineering-led, focused on building and enhancing security capabilities across a complex enterprise environment, working closely with architecture and delivery teams. You will help design, implement, monitor and support our IT security toolsets, working on complex issues in a large-scale enterprise hybrid environment. You will work on a mix of BAU and project-based work including multiple Azure related security projects (strong M365 focus), general automation projects and ensuring new applications are deployed securely. This role reports into the Cyber Security Engineering Architect and works closely with broader IT Engineering, Architecture and Project Delivery teams.
This is an exciting time to be joining the Spire as we embark on large scale transformation and IT maturity.
Key Responsibilities
Help build and mature the Microsoft Security practices within the organisation utilising the Azure M365 application stack and their security capabilities
Work with Architecture to ensure security is embedded in all new solutions and deployments
Lead or contribute to the delivery of strategic security platforms (e.g. PAM, IDAM, endpoint security, data protection)
Drive automation across security operations to reduce manual intervention
Own technical uplift of security capability, including configuration, optimisation and continuous improvement
Identification, mitigation, and management of security threats, vulnerabilities and risks
Assess and respond to external threat intelligence reports
Conducting internal audits of security controls in place developed/supported/ implemented by Spire’s technical infrastructure and development teams
Support ISO27001, NIST, Cyber Essentials Plus and other internal and external audit programmes
Providing support and guidance within IT and the Wider Business to ensure compliance with security policy and standards
Support the continuous improvement of security policies, procedures, standards and guidelines
Implement and improve technical processes to create efficient and secure methodologies Support the management and investigation of security events including post incident reviews in conjunction with other IT teams and members of the Information Security function
Stay current on information technology trends and security standards
Required Skills & Experience
Relevant industry certifications such as CISSP, CCSP, CISM, or equivalent are desirable; experience working within ISO27001, NIST, Cyber Essentials Plus and DSPT/CAF aligned environments is expected
Microsoft security certifications such as AZ-500, SC-200 or SC-900 are desirable, particularly where aligned to hands-on engineering within the M365 E5 security stack
Practical security engineering experience is valued over purely certification-led profiles, particularly in areas such as PAM, IDAM, endpoint security and enterprise security tooling delivery
Knowledge and Technical Ability
You will have at least 3 years’ experience in a similar technical IT Security role for a medium to large enterprise, involving a broad range of technology including some of the following:
Practical experience supporting or delivering Privileged Access Management (PAM) and Identity & Access Management (IDAM) solutions in an enterprise environment
Experience working on security platform implementations or transformations rather than purely operational support
Experience with endpoint visibility and control platforms such as Tanium (or equivalent) is highly desirable
Deep experience engineering security controls across Microsoft security stack including Defender, Sentinel, Entra (Azure AD), Purview and Intune
Knowledge & understanding of security principles surrounding - SIEM, Antivirus, DLP, Firewalls, Open-Source Filtering tools, Cloud security (Azure), EDR,
Knowledge of Windows Servers and Linux Servers
Endpoint and network security technologies
Knowledge of IT Security and Governance best practices and industry standards, including, but not limited to, ISO27001, NIST, Cyber Essentials etc
Strong understanding of technical security risk, threat, and vulnerability management principles
Ability to drive own workload identifying risks and requirements working flexibly where required
Skills and Behaviours
Someone intuitive and self-motivating
Likes to problem solve by researching and investigating better ways of operating utilising the people, processes, and technologies
Excellent verbal and written communications skills
Excellent inter-personal skills
Ability to work accurately and at pace commensurate with a rapidly changing risk environment
Ability to respond to risks and issues quickly
An innovative thinker and detail oriented
Friendly and approachable
Willingness to learn and undertake formal and informal training should it be required
Must be based in the UK for this role and sponsorship is not offered for this role.
Contract Type: Permanent
Benefits
We offer employees a competitive salary as well as a comprehensive benefits package which includes but is not limited to:
35 days annual leave inclusive of bank holidays
Employer and employee contributory pension with flexible retirement options
‘Spire for you’ reward platform - discount and cashback for over 1000 retailers
Private medical insurance
Life assurance
Our people are our difference; it's their dedication, warmth and pursuit of excellence that sets Spire Healthcare apart.
We commit to our employee’s well-being through work life balance, on-going development, support and reward.
For us, it's more than just treating patients; it's about looking after people.
If we have received sufficient applications, this date may be brought forward so please submit your application as soon as possible.