AMS PSR

On behalf of FCDO, we are looking for a Cyber Security Engineer (Inside IR35) for a 12 Month contract based Hybrid in London, Milton Keynes or Glasgow.

The Foreign, Commonwealth & Development Office (FCDO) pursues our national interests and projects the UK as a force for good in the world. We promote the interests of British citizens, safeguard the UK's security, defend our values, reduce poverty, and tackle global challenges with our international partners.

We are seeking a Cyber Security Engineer to support the operational security of FCDO systems and infrastructure. This role is focused on the back-end engineering side of the Security Operations Centre (SOC), with responsibilities including SIEM onboarding, security control deployment, and infrastructure hardening. You will play a key role in scaling cyber capabilities and improving log onboarding processes in a Microsoft-first, cloud-heavy environment.

DV Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.

As a Cyber Security Engineer your main responsibilities will be:

• Support SIEM onboarding and log normalisation across a range of platforms.
• Work on the back-end infrastructure of the SOC, including infrastructure hardening and security control deployment.
• Responsible for operational security and assisting with the design, implementation, and development of security controls and systems.
• Ensure that incidents are detected, prioritised, investigated, contained, and remediated, and that operational security controls are measured and improved.
• Proactively monitor networks and systems for evidence of potential threats.
• Lead response activities to minimise the impact of cyber incidents, including technical investigation into root cause and extent of damage.
• Ensure remediation work identified by IT Health Checks and audits is undertaken.
• Provide ongoing review and improvement of cyber security policies, best practices, and implementation.
• Occasionally support triage activities, but not responsible for event triage.

Essential:

• Strong experience in infrastructure security engineering.
• Proven ability to identify, investigate, and remediate complex cyber security issues.
• Experience with firewall and network security.
• Experience working with one or more cloud environments (Azure, AWS, Oracle).

• Understanding of attacker techniques, Cyber Kill Chain frameworks, and threat modelling.

• Experience in securing cloud platforms.

• Knowledge of encryption and ethical hacking.

• Extensive experience working with SIEM solutions (e.g., Splunk, Microsoft Defender).

• Basic experience in scripting languages (e.g., PowerShell, Python, Bash).

• Strong understanding of infrastructure, particularly Windows-based systems, with exposure to Linux for back-end logging.

• Familiarity with Microsoft ecosystem: Windows 11, M365, Defender, Exchange, Teams.

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident 

As a member of the Disability Confident Scheme, FCDO guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

Armed Forces Covenant

FCDO guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".