Job Specifications
Sheffield City Centre (office-based)
Salary: £40,000 - £50,000
We are looking for a Cyber Security Operations Engineer with strong SecOps, IAM, and cloud security experience to help elevate our security posture. You will focus on identity, access governance, endpoint protection, threat detection, and operational security controls, while collaborating closely with our platform and engineering teams.
Reporting directly to the Chief Technical & Product Officer, this is a hands-on role where you will design, implement, automate, and maintain security controls across our cloud, SaaS, and device estate. You’ll help mature our security operations, strengthen defences, and proactively reduce risk across the business.
While the role is security-first, a working understanding of cloud platforms (AWS) and modern engineering workflows will help you partner effectively with our platform team.
Key Responsibilities
Identity & Access Management (IAM)
Own identity security across Entra ID and SaaS platforms.
Implement and maintain Access policies aligned to best practice.
Automate Joiner, Mover, Leaver (JML) processes where possible.
Conduct monthly access reviews for critical systems and automate reporting.
Enforce least privilege, role-based access, and credential hygiene across all environments.
Security Operations
Maintain an inventory of all SaaS applications, users, and access patterns.
Manage endpoint security tools (AV/EDR) and ensure full device coverage and compliance.
Monitor and enhance logging, alerting, and detection pipelines across cloud and SaaS systems.
Work with our SOC partner on investigations, tuning, alert health, and visibility gaps.
Perform vulnerability management across identities, devices, and cloud workloads.
Threat Intelligence, Hunting & Monitoring
Integrate relevant CTI insights and attacker TTPs into detection and response workflows.
Conduct targeted threat hunts using IOCs, behavioural patterns, and identity anomalies.
Improve detections based on real-world threats relevant to UniHomes.
Governance, Compliance & Operations
Contribute to incident response planning and participate in post-incident reviews.
Pro-active PEN testing and ownership of PEN test reporting.
Support audit readiness by producing evidence of controls and maintaining documentation.
Improve security processes, playbooks, and automation across IAM, SaaS, cloud, and endpoints.
Clearly communicate security status, risks, and improvements across teams.
Platform Collaboration (not ownership)
Work with platform engineers to ensure workloads follow secure configuration principles.
Provide guidance on IAM, network access, logging, and hardening for AWS services.
Support platform initiatives (e.g., observability, configuration standards, resilience) where security input is required.
Skills And Experience
Essential
SC-900 Compliance & Identity Fundamentals
Microsoft Certified Associate-level certifications in either SC-300/200/400/500
Strong experience in identity security (Entra ID / Azure AD).
Good understanding of IAM principles: RBAC, least privilege, Conditional Access, MFA.
Experience with security operations, logging, and incident handling.
Understanding DLP, or data governance tooling.
Familiarity with Cyber Essentials, ISO27001, PCI DSS, or similar frameworks.
Exposure to SIEM/SOC tools and detection tuning.
Hands-on experience with EDR/AV platforms and device security.
Familiarity with automating security tasks using PowerShell, Python, or similar.
Experience managing SaaS applications, user access, and configuration drift.
Understanding of cloud security fundamentals (AWS or Azure).
Strong analytical and problem-solving skills with attention to detail.
Effective communication skills and ability to work cross-functionally.
Proactive mindset with a desire to continuously improve security posture.
Desirable
Experience with Infrastructure-as-Code concepts.
Basic knowledge of Kubernetes (EKS) and container security.
Experience supporting or participating in audits.
About Us
At UniHomes, we’re on a mission to transform the entire student rental experience across the UK. As the market-leading student accommodation advertising platform and utility management service provider, we make finding and securing all-inclusive student accommodation simple, seamless, and stress-free.
We’re not just another platform. UniHomes is developing innovative technology to deliver one go-to destination that supports the entire student rental journey. With an unwavering focus on our students, partner letting agents, operators and suppliers, we continually evolve and enhance our products and services to exceed expectations, while tackling market complexity with ease and transparency.
Since launching in 2015, we’ve experienced rapid growth. Today, we operate in 60+ cities, partner with 1,000+ agents and operators, and are backed by Macquarie Capital and LDC. Our success has been recognised with accolades from EY Entrepreneur of t