Sword Group
Cyber Security Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.
We are delighted to present a newly created opportunity for a Cyber Security Engineer to join our internal security team. Reporting to the CISO and working closely with IT, you will help implement, maintain, and improve Sword's technical security controls, with a strong focus on Microsoft security technologies. You will play an important role in strengthening monitoring, detection, protection, and response across the business. This is a mid-level role suited to someone with solid hands-on experience, a positive can-do attitude, and the ability to take ownership, work autonomously, manage workload effectively, and deliver results. It is an excellent opportunity for someone who wants to keep learning and continue building their career in cyber security engineering.
Key Responsibilities
Security Monitoring and Operations - Implement, administer, and improve day-to-day security operations across Microsoft security technologies including Microsoft Sentinel, Microsoft Defender, Conditional Access, Entra ID, and related Azure security capabilities, helping to strengthen monitoring, detection, protection, and response. Vulnerability Management and Hardening - Proactive and risk-based vulnerability management, including attack surface reduction, system hardening, remediation support, and cloud security posture improvement. Security Tooling and Service Support - Support the effective operation of security tooling and services delivered through a combination of internal teams and external providers, helping to maintain service quality, resolve technical issues, and improve day-to-day security outcomes. Incident Investigation and Response - Take ownership of the technical investigation and triage of security incidents, drive containment and remediation activities, and help improve detection and response capabilities through lessons learned, control improvements, and ongoing risk reduction. Technical Support for Security Awareness - Support the wider security function by contributing technical input to awareness activities, simulated phishing exercises, and secure working practices, helping colleagues understand security controls and common threats. Technical Compliance and Assurance Support - Support the wider security function by implementing and maintaining technical controls that align with internal security policies, certification requirements, and assurance activities, including supporting Cyber Essentials Plus readiness, evidence gathering, and remediation activities where needed. Technical Risk Assessment Support - Provide technical input into security risk assessments across projects, suppliers, and internal services, helping to identify vulnerabilities, assess exposure, and support practical remediation and hardening activities. Technical Support for Regulatory and Client Requirements - Support the implementation, maintenance, and evidencing of technical controls required to meet relevant legal, regulatory, and client security obligations. Supplier and Integration Security Support - Support technical reviews of supplier and partner services, integrations, and access arrangements, helping to identify security issues and ensure appropriate controls are implemented and maintained. Continuous Improvement and Automation - Identify opportunities to improve security tooling, detection logic, control effectiveness, and operational processes through tuning, automation, and incremental engineering enhancements.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
This is an excellent opportunity to work with a talented team, build hands-on experience across modern security technologies, and make a meaningful contribution to strengthening Sword's cyber security capability. If you enjoy solving technical security challenges and want to keep developing your career, we would like to hear from you.
Requirements
This is a hands-on mid-level technical role focused on implementing, operating, and improving security controls across Sword's environment. Working with IT and the wider security function, you will help strengthen monitoring, protection, detection, response, and technical assurance through effective use of security technologies and services. We are looking for someone who is proactive, practical, and delivery-focused, with the confidence to work independently, manage priorities, and follow through with minimal supervision.
You should have hands-on experience, or strong working knowledge, in several of the following areas:
Microsoft security technologies such as Microsoft Defender, Microsoft Sentinel, Microsoft Entra ID, Conditional Access, Microsoft Purview, Intune security controls, email security, identity protection, and endpoint detection and response. Operating and improving security controls across areas such as endpoint protection, SIEM, vulnerability management, identity and access management, data protection, email security, cloud security posture, and system hardening. Awareness of security frameworks, standards, and regulatory drivers such as NIST, ISO 27001, GDPR, and NIS2, with the ability to apply technical controls in support of these requirements. Experience supporting or contributing to Cyber Essentials Plus, including technical control implementation, evidence collection, remediation tracking, or preparation for assessment. Experience supporting the secure deployment and configuration of applications, infrastructure, identities, and cloud services, working with IT teams to embed appropriate security controls. Ability to explain technical security issues clearly, provide practical guidance to colleagues, and contribute technical input to awareness, audit, and assurance activities where needed. Experience in cyber security engineering, security operations, infrastructure security, IT engineering, or a closely related technical role, ideally in a complex business environment and working with internal teams and external providers, with the ability to work autonomously and manage workload effectively.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Qualifications And Personal Skills
Relevant technical certifications are desirable, particularly in Microsoft security technologies such as SC-200, SC-300, SC-400, AZ-500, or similar. Broader security certifications are welcomed but not essential if you can demonstrate strong hands-on technical capability and a willingness to continue learning. Takes ownership, works independently when needed, and stays focused on delivering high-quality outcomes. Curious, proactive, and committed to continuous learning and career development in cyber security. Able to manage workload effectively, prioritise sensibly, and maintain momentum in a busy technical environment. Communicates clearly and works well with technical and non-technical colleagues to turn security requirements into practical actions and improvements.
Benefits
At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package:
Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work-life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.
At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills