Information Security Engineer – UK Based

🔒 Confidential Employer
Posted 3 May 2026
LOCATION
York
TYPE
Full-time
LEVEL
Entry-level
CATEGORY
IT Support & Infrastructure
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

SIEM EDR Incident Response Risk Assessment Cloud Security Security Audits Security Awareness Vendor Security Review

FULL DESCRIPTION

Information Security Engineer – UK Based

[Employer hidden — view at passion-project.co.uk] - York, United Kingdom (Hybrid) - Full-time

Overview

The Information Security Engineer supports the day-to-day operation of the company’s information security program. This role reports into the Information Security Associate Director. Works closely with cross-functional partners to help protect systems, data, and customers while building foundational experience across security operations, risk management, and compliance. This role is ideal for someone with a strong interest in technical information security who is eager to learn, detail-oriented, and motivated to deepen their hands-on security expertise. Over time, it offers an excellent opportunity to grow into broader technical security or cyber risk responsibilities.

Responsibilities

  • Support the implementation and maintenance of information security policies, standards, and procedures
  • Experience of monitoring tools security tools, alerts, and logs: SIEM Platforms.
  • Experience of EDR tools.
  • Support incident response activities, including documentation, evidence collection, and post-incident reporting
  • Assist with third-party vendor security reviews and risk assessments
  • Help prepare documentation and evidence for audits, customer security questionnaires, and compliance reviews
  • Maintain security registers, risk logs, and control documentation
  • Support employee security awareness initiatives and training programs
  • Participate in continuous improvement of security processes and controls
  • Produce reports for internal and external stakeholders.

Skill and Experience

  • Understanding of information security principles and risk management concepts
  • Familiarity with cloud environments, SaaS applications, or enterprise IT systems
  • Strong attention to detail with the ability to follow defined processes and document work clearly.
  • Ability to communicate effectively with technical and non-technical stakeholders
  • Willingness to learn and take ownership of assigned tasks.
  • Strong organizational skills and ability to manage multiple priorities

Minimum Qualifications

  • Degree in Cyber Security, Information Security, Computer Science, Information Technology, or a related field, or equivalent practical experience
  • Certifications (preferred or in progress): CompTIA Security+, BCS Foundation Certificate in Cyber Security, ISO/IEC 27001 Foundation, NCSC-aligned training or certifications

Integrity and Ethics: All [Employer hidden] employees are expected to commit to a high standard of personal integrity and carry out their responsibilities in an ethical manner

Sign up free — access 45,000+ UK sponsor-licensed jobs