Junior Security Engineer

Overview of positionThe Junior Security Analyst supports the implementation, monitoring, and continuous improvement of the organisation’s cybersecurity controls. This highly technical role focuses on security monitoring, incident response, vulnerability management, and control validation across Microsoft 365/Azure and on-premises environments. It is ideal for a recent graduate with strong networking knowledge and a passion for security tooling and evidence gathering.Key ResponsibilitiesSecurity Control Implementation & ValidationAssist with the rollout, verification, and ongoing improvement of security controls across endpoints, networks, and cloud services.Collect technical evidence and metrics to demonstrate control effectiveness.Track remediation activities and configuration drift.Security Monitoring & Incident ResponseTriage and investigate alerts from SIEM and endpoint tools (Microsoft Defender ATP, Intune).Analyse logs and packet captures to support incident containment and root-cause analysis.Support containment and remediation of security incidents under supervision.Network & Endpoint SecurityReview and document firewall rules, IDS/IPS alerts, and network anomalies.Monitor endpoint security deployment, coverage, and configuration.Maintain accurate network and asset inventories.Vulnerability & Asset ManagementRun and interpret vulnerability scans and asset inventories.Identify unauthorised or non-compliant devices and escalate per security policies.Authentication & Access ManagementEnforce multi-factor authentication (MFA) and privileged account management across all account types.Review Active Directory/Entra ID for security anomalies.Tooling & AutomationUse PowerShell, Python, or Bash to query logs, extract metrics, and automate evidence gathering.Maintain documentation for dashboards, control status, and technical procedures.Qualifications and Skills Strong networking fundamentals: TCP/IP, routing, switching, VLANs, DNS, VPNs, firewalls.Hands-on exposure to Microsoft 365/Azure security features (Defender, Intune, Conditional Access, etc.).Understanding of encryption and authentication technologies (TLS, certificates, MFA, Kerberos/NTLM, OAuth).Familiarity with SIEMs, vulnerability scanners, packet capture tools (Splunk/ELK, Qualys/Nessus, Wireshark).Comfort with command line and scripting (PowerShell, Python, Bash).Ability to use Power BI / Power Query (M) to build and update security dashboards and reports.Ability to write and run Kusto Query Language (KQL) queries in Microsoft Sentinel/Defender to investigate incidents and extract metrics.Ability to support implementation and measurement of security controls across multiple environments.Good communication skills for conveying security concepts to non-technical stakeholdersPreferredSecurity certifications such as CompTIA Security+, Network+, or CCNA (held or actively being pursued).Experience with cloud security in Microsoft 365/Azure environmentsKnowledge of mobile device security managementFamiliarity with compliance frameworks and audit processes