Cyber Security Engineer

 

Description:


Seeking security engineer to join our Proactive Security team, this role will focus on the development of security technology stack to ensure threat mitigation is in place through offensive and preventive measures.

Duties And Responsibilities

Threat Modelling & Risk Analysis:

 Develop and maintain threat models for Mizuho information assets and services. 
 Assess and recommend security controls during design and implementation of new projects. 
 Build and maintain tools for proactive detection, configuration drift monitoring and automated remediation. 
 Security tooling integration and orchestration. 
 Develop and implementation of SOAR capabilities that aligns with existing technology stack. 
 Experience with KMS systems and methodologies. 
 Identity based threat detection and prevention. 
 Privileged Access and Session Management 

SIEM Management

 Design, implement, and maintain of workspaces, including data connectors, Logic App, Function App, analytics rules, workbooks, and playbooks. 
 Develop and refine custom queries for advanced threat hunting, incident investigation, and reporting. 
 Optimize SIEM performance, cost, and data retention policies 
 Identify new log sources work closely with infrastructure teams 
 Identify, onboard, and configure critical security log sources with a focus on critical infrastructure services such as Active Directory (Domain Controllers, ADFS), network devices, firewalls, servers (Windows/Linux), and cloud infrastructure logs. 
 Manage Event Collector and Event Forwarding infrastructure. 
 Implement data filtering to ensure high-quality and relevant data ingestion. 
 Parse and analyse custom log formats to extract relevant information for SIEM 
 Troubleshoot log ingestion issues 

Threat Detection & Use Case Development

 Develop, test, and deploy advanced threat detection use cases, and common infrastructure attack patterns. 
 Translate threat intelligence and vulnerability insights into actionable detection rules. 
 Continuously review and refine existing detection rules to minimize false positives and improve efficacy. 

Security Monitoring

 Analyse, develop and refine security monitoring controls, practices and use-cases to detect anomalies and incidents across the applications and infrastructure estate. 
 Collaborate with SOC team to enrich detection logic based on known vulnerabilities and misconfigurations. 

Incident Response & Security Operations

 Formulate proactive threat hunting rule based on emerging threats and intelligence. 
 Contribute to the development and improvement of security playbooks and operational procedures. 

Security Best Practices & Advisory

 Provide expert guidance on securing application and critical infrastructure components. 
 Help setup POC and evaluation on new security tools and explore the gap in controls 

Other

 Providing subject matter expertise in Cyber Security team as needed. 
 Contribute to the design and delivery of security monitoring and control effectiveness measures. 
 Availability to cover anywhere from 7am to 7pm on all business days. 

Qualifications, Skills, And Experience

 Relevant experience on security tool implementation projects (SIEM, Proxy, EDR, DLP and SEG) 
 Experience working with Cyber Security and Incident Response frameworks such as NIST, Kill Chain, Attack life Cycle, & MITRE). 
 Excellent communication skills, both written and verbal, with good documentation. 
 Minimum of 5+ years of experience in Security Engineering, Security Automation/or Orchestration, or similar cybersecurity role. 
 Expert-level proficiency in query languages. 
 Demonstrable hands-on experience with SIEM (implementation, configuration, custom rule creation). 
 Strong practical experience with EDR and SIEM technology stack 
 In-depth understanding of Active Directory security principles, common attack vectors, and logging mechanisms. 
 Experience with Windows event collection. 
 Proficiency in scripting (e.g., PowerShell, Python) for automation, data manipulation, and custom log parsing. 
 Solid understanding of networking concepts (TCP/IP, firewalls, proxies, VPNs) and security protocols. 
 Familiarity with cloud security principles, Azure, GCP, AWS 
 Working knowledge over a range of operating systems and platforms including: Windows Server, Windows XP, UNIX (Solaris, Linux), 
 Working knowledge of networks: LAN, WAN, Palo Alto, FortiGate, switches, Firewalls, remote access solutions, and VPNs. 
 In-depth experience with SIEM tools with a strategic oversight on appropriate use case methodologies. Implementation of robust security monitoring use cases and Threat hunting capabilities. 
 Relevant industry certifications (e.g., AZ-500, SC-200, SC-900, CompTIA Security+) or similar 
 Cert with Security Orchestration, Automation, and Response (SOAR) playbooks within Sentinel or other platforms. 
 Scripting skills (PowerShell, Python) for automation and data manipulation. 

Organization Mizuho
Industry Engineering Jobs
Occupational Category Cyber Security Engineer
Job Location London,UK
Shift Type Morning
Job Type Full Time
Gender No Preference
Career Level Experienced Professional
Experience 5 Years
Posted at 2026-07-01 1:15 am
Expires on 2026-08-15