Cyber Security Engineer

  • MBDA
  • Stevenage, Hertfordshire
  • 04/11/2025
Full time Information Technology Telecommunications Python Testing Cyber Security

Job Description

Join MBDA's cutting-edge cyber security team and help protect some of the most advanced defence technologies in the world. As a Cyber Security Engineer, you'll be at the forefront of innovation, enhancing the visibility, automation, and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters.

Salary: Circa £50,000 - £60,000 depending on experience

Dynamic (hybrid) working: 2 days per week on-site due to workload classification

Security Clearance: British Citizen or a Dual UK national with British citizenship

Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:

  • Company bonus: Up to £2,500 (based on company performance and will vary year to year)
  • Pension: maximum total (employer and employee) contribution of up to 14%
  • Overtime: opportunity for paid overtime
  • Flexi Leave: Up to 15 additional days
  • Flexible working: We welcome applicants who are looking for flexible working arrangements
  • Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave. Enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
  • Facilities: Fantastic site facilities including subsidised meals, free car parking and much more

The opportunity:

The Cyber Security Engineer plays a vital role in maintaining and optimising SOC tools and environments to ensure peak performance and visibility across MBDA's networks. You'll focus on Splunk optimisation, SOC automation, and the integration of emerging technologies, driving continuous improvement and resilience within our cyber ecosystem. Reporting to the Cyber Security Capability Manager, you'll collaborate closely with engineers, analysts, and other security stakeholders to meet the ever-evolving challenges of the cyber threat landscape.

Key responsibilities include:

  • Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases.
  • Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies.
  • Support alert tuning, connectivity, and visibility across monitored networks and infrastructure.
  • Maintain and document SOC integrations, ensuring accurate configuration and performance visibility.
  • Oversee SOC appliance maintenance, including patching, software updates, and certificate management.
  • Support the creation and testing of playbooks, scripts, and automation workflows to enhance SOC efficiency.
  • Track and coordinate upgrades and lifecycle refreshes of SOC tools in line with end-of-support timelines.
  • Collaborate with Information Management (IM) teams to recover from service disruptions and enhance tool performance.
  • Provide expert input at incident and problem management meetings, supporting remediation and recovery efforts.
  • Contribute to proof-of-concept (POC) testing and integration of new security capabilities.
  • Support the SOC during investigations by creating advanced queries and scripts to identify root causes or indicators of compromise (IOCs).
  • Deputise for other Cyber Security Engineers during absences to ensure continuity of capability.

What we're looking for from you:

  • Strong coding and scripting skills (PowerShell, Python, Regex).
  • Proven experience working with APIs (HTTP/S, JSON).
  • Hands-on expertise with Splunk Enterprise Security, including upgrades, data ingestion, and optimisation.
  • Experience with proxy administration, Windows (SMB) and Nix (NFS) storage, IIS configuration, and Active Directory/LDAP authentication.
  • Proficiency in managing certificates, applying software updates, and supporting end-of-life refresh activities.
  • Experience with VMware or Hyper-V environments and virtual networking.
  • Demonstrated capability in implementing and maintaining cyber security tooling.
  • Familiarity with AI or machine learning for workflow and playbook optimisation.

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

We are proud of our employee-led networks. Examples include Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more.

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.

Follow us on LinkedIn (MBDA), X, Instagram (MBDA_UK) and Glassdoor, or visit our MBDA Careers website for more information.