Microsoft Security Operations Engineer

Risk Ledger is developing a network of connected organisations, all working together to defend against cybersecurity attacks in the supply chain.
Organisations rely on us to establish trust, through sharing their security maturity and visualising the risks posed by their supply chain ecosystem. And we’re already trusted by customers like ASOS, Snyk, BAE Systems and the NHS.
Risk Ledger is built on the respect we have for one another and our users, united by our shared values and mission.
At Risk Ledger, we aim high to find the best solutions we can and always put our users first.
You’ll join the Head of Information Security supporting and collaborating with all parts of the business to deliver a secure environment enabling impactful outcomes for Risk Ledger and our customers.
As our Senior SecOps Engineer you’ll be playing a critical part in maintaining and improving the security of our product, business tools, people and organisation.
This is an opportunity to have a huge long-standing impact through improving our technical security strategy, which will lead to even greater success for our business and our customers.
From day one, you'll shape opportunities to empower our team by maintaining and improving the security of our tools and working practices for peak performance, all while safeguarding the confidentiality of our customers' data. Drive technical security health and productivity. By continuously seeking opportunities to improve our IT operations estate, evolving our ways of working with simplification and automation to remove friction for people to achieve pragmatic secure outcomes that balance risk.
informing them of security risks, controls and options in language that helps them understand; Flexible planning of in-flight work, technical developments and prioritisation of opportunities, alongside the Information Security Manager.
You’ll identify opportunities to learn and apply the necessary skills to meet our business needs your goals to develop your security expertise.
We're a growing scale-up, so expect to have a hand in everything from administering systems to delivering projects contributing to product and service resilience.
An operational focus and prioritise security over compliance.
Prior experience of deploying and maintaining Google Workspace, Jamf MDM, AWS and a variety of SaaS.
Applied a broad knowledge of technical security operations and fundamental best practices to support others, and provide ways to help them achieve their goals.
An innate sense of curiosity and flair for creativity, with a keen interest in getting the best security value from the tools available that support the operations of the wider business.
Excellent communication skills, both written and verbal, with a strong collaborative mindset and a calm, controlled demeanour in the heat of an incident.
Demonstrated experience in actively mentoring and guiding more junior colleagues, taking satisfaction in their professional growth
Extensive experience navigating and technically managing security and operational incidents
A strong understanding and ability to implement effective security controls throughout the entire Software Development Lifecycle (SDLC)
Experience in the engineering, building, and maintenance of secure infrastructure and services within Google Cloud Platform (GCP)
Experience in SIEM engineering, including the deployment, optimisation, and tuning of monitoring platforms
Experience leading and conducting product security threat modelilng sessions across development teams
Ensures decisions are backed by clear, objective analysis.
Results, Quality and Impact Focused: Competitive base salary
~#Generous EMI equity package
~#Private pension
~✈️25 days annual leave + bank holidays
~#Additional 30 days of unpaid leave per year to use as you wish
~#Ad-hoc companywide time off - last year we gave everyone 'rest leave' in August and over the festive period
~#Private healthcare with AXA Insurance - including enhanced mental wellbeing coverage
~#Hybrid working policy, typically 2-3 days in the office
~#Enhanced family (parental) leave - gender-neutral policy, 12 weeks paid leave
~#Enhanced occupational sick pay
~#500 WFH budget
~#