Experis UK
Cyber Security Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Overview
The Senior CyberSecurity Engineer will own the hands-on technical security of a leading healthcare and dental care provider’s web estate, Azure cloud infrastructure, and emerging AI services. Reporting to the Director of IT, this role sits at the intersection of infra, product, and delivery teams. The focus is keeping the organisation secure without slowing it down — hardening web ingress controls, securing identity and access, and building security guardrails for AI adoption. Day-to-day security monitoring is handled by our SOC team; this role goes deeper: owning Azure security posture, managing WAF and edge security, and embedding security into how the organisation builds and runs software.
Responsibilities
Web Ingress & Application Security
- Own and maintain WAF configuration across Cloudflare and Akamai, tuning rules and responding to emerging threats.
- Review and improve web ingress controls including DDoS mitigation, rate limiting, and certificate management.
- Apply OWASP principles across the organisation’s web applications, working with development teams to identify and remediate vulnerabilities.
- Lead API security design and governance, ensuring consistent security controls across platform APIs.
Cloud & Platform Security
- Own Azure security posture using Microsoft Defender for Cloud, identifying and remediating risks across the hybrid estate.
- Define and maintain security baselines for Azure workloads, virtual networks, and on-premise systems in transition.
- Work with the Platform Engineering team to ensure cloud infrastructure is built and deployed securely, including network segmentation and least-privilege control.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Identity & Access Management
- Own and maintain Entra ID configuration, Conditional Access policies, Access Packages, and app registrations across the organisation.
- Define and enforce identity governance standards, ensuring access reviews, lifecycle management, and role hygiene are maintained.
- Work with the wider engineering team to ensure application-level identity is implemented consistently and securely.
AI & Emerging Technology Security
- Define security guardrails and controls for the organisation’s AI and automation capabilities, covering data handling, prompt injection risks, and model access controls.
- Work with the AI and Automation Lead to ensure AI solutions are designed and deployed with security by design from the outset.
- Stay current with AI security risks and emerging attack vectors, translating threat intelligence into practical controls.
Security Engineering & Standards
- Embed security into CI/CD pipelines and DevOps workflows, championing shift-left practices across engineering teams.
- Define and maintain security standards, patterns, and guidelines for use across platform and product delivery.
- Participate in architecture and design reviews, providing security input as part of the delivery lifecycle.
Threat Intelligence & External Partnerships
- Act as the internal interface for Arctic Wolf, the organisation’s outsourced MDR provider, triaging escalations and feeding intelligence back into the engineering environment.
- Use intelligence from Arctic Wolf and external sources to proactively harden controls before threats materialise.
- Monitor the external threat landscape relevant to the healthcare and dental sector.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Skills and Experience
Experience
- 5+ years in a hands-on cybersecurity engineering or security architecture role.
- Proven experience managing WAF and edge security at scale, using Cloudflare, Akamai, or equivalent platforms.
- Deep hands-on experience with Microsoft Defender for Cloud, Entra ID, Conditional Access policies, and Azure app registrations.
- Practical knowledge of API security, OWASP Top 10 remediation, and secure web application design.
- Experience working embedded in engineering or platform teams within an Agile/DevOps environment.
- Familiarity with AI and LLM security risks and emerging best practices for securing AI-powered systems.
- Experience working with or alongside outsourced MDR or SOC providers.
- Exposure to identity governance practices including access reviews, lifecycle management, and role-based access control.
- Experience in a healthcare, dental, or regulated industry context is a strong plus.
Skills
- Ability to communicate security risk clearly to non-technical stakeholders without resorting to jargon.
- Pragmatic approach to risk: knows when to enforce, when to escalate, and when to accept, without becoming a blocker.
Personal Attributes
- A collaborator first: builds trust with engineering, product, and platform teams rather than policing them.
- A role model of the organisation’s people values who brings a calm, measured approach to incidents and a genuine curiosity for the threat landscape.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills