Rider Levett Bucknall RLB

Information Security Engineer

Rider Levett Bucknall RLB

full-time

Posted on:

Location Type: Hybrid

Location: BirminghamUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AzureCloud

About the role

  • The Information Security Engineer will work closely with the Head of Security and Infrastructure, as well as the wider IT and Governance teams, to ensure the ongoing protection of RLB’s IT environments.
  • This is a critical role responsible for protecting infrastructure, cloud, software, and data against unauthorised use, modification, exfiltration, or damage.
  • This role identifies threats, manages projects and engineers solutions.
  • Management of day-to-day security operations and act as the primary contact for the third-party SOC.
  • Analyse and interpret logs, alerts, and threat data to identify potential security incidents.
  • Ensure security alerts and incidents are managed and remediated.
  • Ensure security tooling is correctly configured, operational, and fully utilised.
  • Support or lead security incident investigations, including root cause analysis and remediation.
  • Conduct vulnerability assessments and maturity scans, ensuring risks are clearly communicated and mitigated.
  • Oversee third party penetration tests, manage remediation plans, and maintain strong vendor relationships.
  • Work with Microsoft security technologies such as Microsoft Purview, Defender, M365, Entra ID, and Azure security tools, email security solutions and endpoint protection solutions.
  • Oversee configuration changes, ensure tools are effectively integrated, and monitor identity and access management to detect potential misuse of credentials or privileges.
  • Help ensure alignment with standards such as Cyber Essentials Plus, NIST 800-171, ISO 27001, and UK GDPR.
  • Carry out security audits and respond to DSAR requests
  • Assist with internal/external audits and maintain documentation to demonstrate compliance with RLB’s security requirements.
  • Assist with the completion of supply-chain risk assessments.
  • Provide support for the secure onboarding of software, ensuring adherence to data security protocols, software development best practices, and all relevant requirements.
  • Develop and support awareness initiatives, phishing simulations, and internal training.
  • Stay ahead of new threats and emerging technologies, recommending ongoing improvements.

Requirements

  • Certifications such as CEH, CISSP, Security+
  • Relevant Microsoft certifications (SC-900, SC-200, AZ-140)
  • Ability to obtain Security Clearance (essential)
  • Extensive experience configuring and managing M365, Microsoft Purview, Defender, and the broader Microsoft cloud security ecosystems.
  • Experience working with information classification systems and Data Loss Prevention techniques.
  • Experience working with or managing third party SOC, SIEM, and security vendors
  • Background in overseeing penetration tests and coordination of remediation activities
  • Solid understanding of incident response, vulnerability management, and general cyber defence principles
  • Demonstrable experience in NIST 800-171 & ISO 27001-compliant environments.
  • Excellent interpersonal skills with the ability to influence peers and seniors on matters concerning protective security.
  • Excellent organisational skills with the ability to prioritise workload and deliver to tight time scales.
  • Possesses a professional and confident manner and maintains confidentiality at all times.
  • A highly motivated and driven individual who adopts a flexible and adaptable approach.
  • Desirable: Exposure to secure software development and implementation practices.
Benefits
  • We believe in building a diverse and inclusive environment where each person can be themselves, feel valued for their contribution and be challenged and supported to reach their full potential.
  • We have a responsibility to support the communities in which we live and work, and that our workforce should reflect these communities and our clients.
  • Our talent strategy should enable us to overcome bias in the construction industry by recruiting, retaining, developing, and promoting a diverse and inclusive workforce.
  • Hybrid Working - Working patterns to support your work-life balance. As well as competitive maternity and paternity packages.
  • Well-Rewarded - A competitive salary and generous holiday entitlement. As well as the opportunity to purchase up to five extra days.
  • Focus On Wellbeing - We offer a number of health and wellness options, including gym membership and cycle to work schemes.
  • Healthcare Packages - Private healthcare insurance and medical support, including dental insurance and eyecare vouchers.
  • Personal Development - A continuous learning and development programme, including established APC and in-house mentoring schemes.
  • Additional Benefits - We offer a wide range of benefits including a season ticket loan and professional membership subscriptions.
  • Exceptional Exposure - You’ll have the opportunity to work on diverse projects across different sectors and regions.
  • Social Responsibility - We hold team and social events as well as charity fundraising and volunteering activities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability assessmentsincident responsedata loss preventionpenetration testingsecurity operations managementthreat analysisroot cause analysisconfiguration managementcyber defense principlessecurity audits
Soft Skills
interpersonal skillsorganizational skillsinfluencing skillsconfidentialityflexibilityadaptabilityproject managementcommunication skillsproblem-solvingtraining and awareness development
Certifications
CEHCISSPSecurity+SC-900SC-200AZ-140