Endava is seeking an experienced Cyber Operations Engineer to support the operational effectiveness, governance, and continuous improvement of enterprise cyber security tooling and control implementations.
This role focuses on ensuring that security platforms and controls are correctly configured, optimised, and delivering effective protection across enterprise environments including endpoints, identity platforms, cloud services, email systems, and network infrastructure.
Working closely with Security Operations (SOC), Cyber Engineering, Threat Intelligence, and IT Operations teams, the Cyber Operations Engineer acts as a key link between security design and operational execution. The role translates threat intelligence insights, attack patterns, and incident learnings into actionable improvements to security tooling, detection capabilities, and preventative controls.
The successful candidate will contribute to strengthening security posture by improving configuration management, reducing operational friction in cyber tooling, and enabling scalable, automated security control management.
Responsibilities:
- Maintain and continuously improve the configuration, performance, and effectiveness of enterprise security tools and platforms.
- Ensure cyber security controls across endpoint, identity, cloud, email, and network environments are operating as designed and aligned with security standards.
- Identify opportunities to automate configuration management and control deployment to reduce manual effort and operational risk.
- Partner with SOC teams to improve detection coverage, alert fidelity, and operational response capabilities.
- Reduce false positives and improve signal quality across detection and monitoring platforms.
- Collaborate with Threat Intelligence, Threat Hunting, Vulnerability Management, and Cyber Engineering teams to identify security tooling gaps and control weaknesses.
- Design and implement preventive and detective control improvements based on incident trends and emerging attack techniques.
- Support governance and oversight of security tooling by ensuring configurations align with approved security policies and standards.
- Maintain documentation of control configurations, operational procedures, and security tooling intent.