Cyber Operations Engineer

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change. By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses. From prototype to real-world impact - be part of a global shift by doing work that matters.Job DescriptionEndava is seeking an experienced Cyber Operations Engineer to support the operational effectiveness, governance, and continuous improvement of enterprise cyber security tooling and control implementations.This role focuses on ensuring that security platforms and controls are correctly configured, optimised, and delivering effective protection across enterprise environments including endpoints, identity platforms, cloud services, email systems, and network infrastructure.Working closely with Security Operations (SOC), Cyber Engineering, Threat Intelligence, and IT Operations teams, the Cyber Operations Engineer acts as a key link between security design and operational execution. The role translates threat intelligence insights, attack patterns, and incident learnings into actionable improvements to security tooling, detection capabilities, and preventative controls.The successful candidate will contribute to strengthening security posture by improving configuration management, reducing operational friction in cyber tooling, and enabling scalable, automated security control management.Responsibilities:Maintain and continuously improve the configuration, performance, and effectiveness of enterprise security tools and platforms. Ensure cyber security controls across endpoint, identity, cloud, email, and network environments are operating as designed and aligned with security standards. Identify opportunities to automate configuration management and control deployment to reduce manual effort and operational risk. Partner with SOC teams to improve detection coverage, alert fidelity, and operational response capabilities. Reduce false positives and improve signal quality across detection and monitoring platforms. Collaborate with Threat Intelligence, Threat Hunting, Vulnerability Management, and Cyber Engineering teams to identify security tooling gaps and control weaknesses. Design and implement preventive and detective control improvements based on incident trends and emerging attack techniques. Support governance and oversight of security tooling by ensuring configurations align with approved security policies and standards. Maintain documentation of control configurations, operational procedures, and security tooling intent. QualificationsExperience:8+ years of experience in cybersecurity or IT infrastructure roles, with at least 4 years in security engineering, security operations, or cyber tooling management. Hands-on experience configuring and improving enterprise-scale security platforms. Experience working closely with Security Operations Centres (SOC) and IT infrastructure or cloud operations teams. Demonstrated experience improving detection capability and operational response through tooling configuration and tuning. Experience translating threat intelligence and incident learnings into practical security control improvements. Experience supporting enterprise security tooling implementations and operational transitions. Industry certifications such as CISSP, GCIH, Security+, or relevant cloud security certifications are advantageous. Technical Skills: Hands-on experience with modern enterprise security platforms such as:CrowdStrike (EDR/XDR)Microsoft Purview / Microsoft Security stackPalo Alto security technologiesSIEM or detection platformsExperience across multiple security domains including:Endpoint detection and response (EDR/MDR)Email security controlsIdentity and access securityCloud security controls and native cloud security servicesNetwork and application security toolingStrong understanding of modern attack techniques and how enterprise security controls fail in real-world environments. Experience with configuration management, change control processes, and operational governance frameworks. Ability to tune detection logic, policies, and platform configurations to improve protection and operational efficiency. Familiarity with security monitoring, incident response workflows, and SOC operations. Understanding of automation, scripting, or infrastructure-as-code approaches for security configuration management is desirable. Additional InformationDiscover some of the global benefits that empower our people to become the best version of themselves:Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus; Career Development:Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;Learning Opportunities:Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;Health: Global internal wellbeing programme, access to wellbeing apps;Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations. At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.