Security Engineer

Security Engineer

We’re looking for an experienced Security Engineer to take ownership of FSB’s security landscape, working proactively across the organisation to identify risks, strengthen controls, and protect our people, systems, and data.

Hours: 40 hours per week

Salary: £50,000

Location: Remote (UK based)

Status: Permanent

Closing Date: 17th May 2026

As a Security Engineer at FSB, you will play a critical role in defending the organisation against cyber threats across web applications, cloud services, and internal infrastructure. You will also champion cyber security best practice across the business, increasing colleague awareness of cyber risks and driving adoption of security training via FSB’s learning platform.

This is a hands-on role combining technical security engineering, incident response, stakeholder engagement, and security culture development.

Since 1974, the Federation of Small Businesses (FSB) has been the trusted voice of millions of small businesses and self employed people across the UK. We support our members to start, run and grow their businesses through expert advice, market leading benefits, local support, and influential campaigning on the issues that matter most.

The Role

This is a hands-on security role where you will take ownership of FSB’s security landscape, working proactively across the organisation to identify risks, strengthen controls, and protect our people, systems, and data. You will engage regularly with technical teams and business stakeholders to understand requirements, provide clear security guidance, and ensure security is embedded into everyday operations.

What you will be doing

• Maintain, configure, and monitor leading security technologies including Cisco SEG & Web Filter, CrowdStrike, Abnormal AI, Microsoft 365 security tooling, FortiGate Firewalls, and Cloudflare.

• Monitor, triage, and respond to security alerts and incidents affecting web, cloud, and internal environments, supporting investigation, containment, eradication, and lessons learned.

• Engineer, implement, and continuously improve security controls across endpoints, identity, networks, SaaS platforms, cloud services, and on premise systems.

• Identify vulnerabilities and misconfigurations through scanning, logging, threat modelling, and configuration reviews, driving remediation with technical teams and service owners.

• Support secure delivery of web applications and APIs, working closely with Web and Salesforce teams and advising on common risks such as the OWASP Top 10.

• Develop and maintain security monitoring use cases, dashboards, and detection rules, tuning alerts to reduce false positives and improve coverage.

• Contribute to security architecture and design reviews, ensuring security-by-design and appropriate risk treatment for new and changed services.

• Maintain and improve security documentation, standards, and runbooks, ensuring they are practical and widely adopted.

• Support security certifications and frameworks (e.g. Cyber Essentials, ISO27001), including evidence collection, readiness activities, and continuous compliance.

• Lead and champion security awareness initiatives, including communications, briefings, and targeted guidance on threats such as phishing, credential theft, and social engineering.

• Promote and increase completion of security training via FSB’s learning platform, designing role-based learning campaigns and reporting outcomes.

• Ensure secure-by-design principles are embedded across all IT changes and lead on security input at the Change Advisory Board.

• Work closely with Senior Management Team IT & Change colleagues to prioritise security improvements and reduce organisational risk.

• Ensure security-related changes and risks are communicated clearly and promptly to the wider business.

• Stay up to date with threat intelligence and emerging risks, translating insights into actionable security improvements.

• Provide the Head of IT & Change with a weekly security report.

• Mentor 1st and 2nd Line IT Support colleagues on security-related tasks and best practices.

• Undertake other duties relevant to the department, as directed by the line manager.

Experience (Essential)

• 5+ years’ experience in an IT Engineer or security-focused role.

• Hands-on experience in security engineering, SOC, blue team, or infrastructure security.

• Experience producing and maintaining security documentation (standards, procedures, runbooks).

• Experience supporting Cyber Essentials, ISO27001, or similar frameworks, including audit readiness.

• Familiarity with vulnerability management tools and workflows.

• Experience managing email security, web security, WAFs, Azure tenants, firewalls, and SaaS platforms from a security perspective.

What we offer

In addition to a fulfilling career with FSB, you’ll also benefit from: 

• 26 days holidays per year plus bank holidays with the option to buy 3 days with your Annual Flex Pot* 

• Annual Flex Pot* to spend on benefits including additional pension, additional holidays, additional critical illness cover, additional life cover, cycle to work scheme and discounted gym membership  

• Health cash plan* (Access to claim back numerous benefits, including towards dental treatment, optical, chiropody, physiotherapy, counselling, health and wellbeing) 

• Critical illness and income protection insurance* 

• Enhanced Maternity and Paternity Pay 

• Access to an employee assistance programme and mental health first aiders 

• Group Personal Pension (GPP) 

*Applicable on completion of probationary period and subject to terms 

How to apply 

All applications to be received by 17 May 2026. Any applications received after this date will be held on file for a maximum of 6 months and reviewed if the first round of applicants are unsuccessful.