Job Description

Vacancy type

Current vacancies

Profession

IT

Location

Manchester

Description

We are seeking a Cyber Security Incident Response Engineer to join our Central IT team, working directly with the Tokio Marine Global Fusion Centre US Operations group. You will handle day-to-day maintenance of security infrastructure in addition to proactive threat hunting and incident response. Your role will be key in the development, installation, configuration, and continuous improvement of the global security operations service and be critical in the response to external and internal threats. This position will require a blend of technical expertise, analytical skills, and effective communication abilities to ensure swift and efficient handling of security events. You will also be expected to identify opportunities to automate and improve effectiveness of operations.

About us

BDP is a leading, global, multidisciplinary design practice united by a shared purpose: to design a world that's built for good. For more than 60 years, we've been solving problems, creating innovative spaces, and pushing the boundaries of what's possible. From the start, we've been pioneers in the world of design, and our legacy is built on the meaningful, people-centred places we've brought to life.


We are a diverse, international practice of architects, engineers, designers, and urbanists. We work closely with our clients, users, and communities to craft spaces for living, working, learning, and enjoying life across the globe. With studios spanning the UK, Ireland, Europe, Asia, and North America, our reach is as broad as our expertise. And since joining forces with Japan's Nippon Koei in 2016, our ability to deliver integrated, impactful design has only grown stronger.


Our work is rooted in creativity, quality, and collaboration. We believe that great design removes barriers and opens new possibilities, all while meeting the demands of a constantly evolving world. Whether we're designing homes, workplaces, or public spaces, we always put people at the heart of our thinking, ensuring that the environments we create are not just functional, but also inclusive, beautiful, and socially and environmentally responsible.


We're proud of the places we've shaped and the lives we've touched, and we are committed to continuing our mission of designing a better, more connected world--one that leaves every place better than we found it.

Essential Job Functions:

Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution Monitor security systems and infrastructure to support best performance and reliability Implement and manage security tools and processes, to detect and mitigate threats Maintain robust security feeds and ensure data integrity Proactive look for threats working with level one analysts, affected teams and security vendors Author threat detection rules and subsequent SOAR playbooks Refine operational metrics, key performance indicators, and service level objectives to measure Security Operations and Incident Response services Identify and implement security process automation, continuously improving processes and tools Be a technical subject matter expert for Security Operations and incident Response services Provide expertise to partnered security teams in mitigation of those threats Communicate complex technical information clearly and concisely to both technical and non-technical audiences Collaborate with partner security teams to offer guidance and bolster support of the organization's security infrastructure Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work Influence and align the team's vision and strategy the successful candidate will be required to undergo a security clearance process and therefore you will be required to have at least 3 years UK residency within the last 5 years. We will also need to confirm your employment/ educational history over the last 3 years in order to qualify.

Other Functions:

Follow proper internal controls as necessary to conduct job functions and/or carry out responsibilities and/or administrative activities at the Company. Perform special projects and other duties as may be assigned. Establish and build strong working relations and partnerships with other teams, Group Companies, and senior management.

Qualifications:

5 or more years of experience in an operational cybersecurity role 2 or more years of hands-on experience in an incident response role utilizing CrowdStrike Experience developing and delivering on incident and program status for leadership Experience in threat hunting including leveraging intelligence data to proactively find and iteratively investigate suspicious behavior across networks and systems Experience analyzing network and host-based security events Proficient System Administration with either Microsoft Windows or Linux Proficient with CLI shells such as PowerShell or bash Proficient with Security Log infrastructure configuration such as Windows Event Forwarding (WEF) or syslog Proficient in an interpreted language such as Python, Perl, or Ruby Familiarity with regular expressions Familiarity with Large Language Models tools such as Ollama Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux Knowledge of networking technologies, specifically TCP/IP and the related protocols Understanding of networks, operating systems, and architecture and how they affect the security posture of a company Demonstrate a strong problem-solving aptitude Demonstrate ownership of projects or tasks Strong verbal and written communication skills Poise and ability to act calmly and competently

BDP offers

In return, BDP can offer you a wide range of learning opportunities to encourage personal and professional career development. From sponsorship to profession led CPD events, we also offer annual appraisals and a mentoring scheme that is supported by our internal online learning platform.


We are committed to being an employer of choice and offer a competitive remuneration and benefits package that includes an employee profit share scheme, tax efficient smart benefits, private medical insurance, life insurance, long term sickness insurance, interest free season ticket loans, health screening, opportunity to buy/swap holidays and enhanced maternity and paternity provision, plus many more.


We offer regular international, and studio based social, sporting and charitable events. Some recent events include month-end socials, a hiking club, wellbeing webinars and toolbox talks. Our variety of employee forums gives everyone the platform to have a voice and be heard which drives cultural changes and helps to create an engaged, inclusive organisation.


To find out on more detail about what BDP can offer you, please visit: https://www.bdp.com/en/careers-at-bdp/why-join-bdp/.

To apply

To apply for the role please visit the BDP Recruitment System and click on the 'Apply' button below the vacancy. You will then need to complete the online application form and attach an up-to-date CV with a cover letter (<400 words) outlining how your skills and experience match the requirements for the above job description. Your application will then be passed onto our recruiting directors for review. If successful, you will be notified by our system inviting you in for an interview, either being held in person or via Microsoft Teams.


BDP is actively fostering an inclusive organisation where people can be themselves and everyone has a sense of belonging. We want our teams to be diverse at every level, reflecting the communities we design for. As designers, we will create spaces for all that promote equity, wellbeing and participation within the built environment. We actively encourage people from a variety of backgrounds with different skills, professional and life experiences, to join us and help us to achieve our aspirations. We also welcome applications from candidates who wish to work flexibly. BDP also operates a hybrid working policy.

No agencies of third-party applications, please.