As a Security Engineer at FSB, you will play a critical role in defending the organisation against cyber threats across web applications, cloud services, and internal infrastructure. You will also champion cyber security best practice across the business, increasing colleague awareness of cyber risks and driving adoption of security training via FSBs learning platform.

This is a hands-on role combining technical security engineering, incident response, stakeholder engagement, and security culture development.

Since 1974, the Federation of Small Businesses (FSB) has been the trusted voice of millions of small businesses and self-employed people across the UK. We support our members to start, run and grow their businesses through expert advice, market-leading benefits, local support, and influential campaigning on the issues that matter most.

The Role

This is a hands-on Securityrole where you will take ownership of FSBs security landscape, working proactively across the organisation to identify risks, strengthen controls, and protect our people, systems, and data. You will engage regularly with technical teams and business stakeholders to understand requirements, provide clear security guidance, and ensure security is embedded into everyday operations.

What you will be doing

• Maintain, configure, and monitor leading security technologies including Cisco SEG & Web Filter, CrowdStrike, Abnormal AI, Microsoft 365 security tooling, FortiGate Firewalls, and Cloudflare.
• Monitor, triage, and respond to security alerts and incidents affecting web, cloud, and internal environments, supporting investigation, containment, eradication, and lessons learned.
• Engineer, implement, and continuously improve security controls across endpoints, identity, networks, SaaS platforms, cloud services, and on-premise systems.
• Identify vulnerabilities and misconfigurations through scanning, logging, threat modelling, and configuration reviews, driving remediation with technical teams and service owners.
• Support secure delivery of web applications and APIs, working closely with Web and Salesforce teams and advising on common risks such as the OWASP Top 10.
• Develop and maintain security monitoring use cases, dashboards, and detection rules, tuning alerts to reduce false positives and improve coverage.
• Contribute to security architecture and design reviews, ensuring security-by-design and appropriate risk treatment for new and changed services.
• Maintain and improve security documentation, standards, and runbooks, ensuring they are practical and widely adopted.
• Support security certifications and frameworks (e.g. Cyber Essentials, ISO27001), including evidence collection, readiness activities, and continuous compliance.
• Lead and champion security awareness initiatives, including communications, briefings, and targeted guidance on threats such as phishing, credential theft, and social engineering.
• Promote and increase completion of security training via FSBs learning platform, designing role-based learning campaigns and reporting outcomes.
• Ensure secure-by-design principles are embedded across all IT changes and lead on security input at the Change Advisory Board.
• Work closely with Senior Management Team IT & Change colleagues to prioritise security improvements and reduce organisational risk.
• Ensure security-related changes and risks are communicated clearly and promptly to the wider business.
• Stay up to date with threat intelligence and emerging risks, translating insights into actionable security improvements.
• Provide the Head of IT & Change with a weekly security report.
• Mentor 1st and 2nd Line IT Support colleagues on security-related tasks and best practices.
• Undertake other duties relevant to the department, as directed by the line manager.

Experience (Essential)

• 5+ years experience in an IT Engineer or security-focused role.
• Hands-on experience in security engineering, SOC, blue team, or infrastructure security.
• Experience producing and maintaining security documentation (standards, procedures, runbooks).
• Experience supporting Cyber Essentials, ISO27001, or similar frameworks, including audit readiness.
• Familiarity with vulnerability management tools and workflows.
• Experience managing email security, web security, WAFs, Azure tenants, firewalls, and SaaS platforms from a security perspective.

What We Offer

In addition to a fulfilling career with FSB,youllalsobenefitfrom:

• 26 days holidays per year plus bank holidays with theoptionto buy 3 days with your Annual Flex Pot*

• Annual Flex Pot* to spend on benefits includingadditionalpension,additionalholidays,additionalcritical illness cover,additionallife cover, cycle to work scheme and discounted gym membership

• Health cash plan*(Access to claim backnumerousbenefits, including towards dental treatment, optical, chiropody, physiotherapy, counselling,healthand wellbeing)

• Critical illness and income protection insurance*

• Enhanced Maternity and Paternity Pay

• Access to an employeeassistanceprogramme and mental health first aiders

• Group Personal Pension (GPP)

*Applicable on completion of probationary period and subject to terms

How to apply

All applications to be received by17 May 2026. Any applications received after this date will be held on file for a maximum of 6 months and reviewed if the first round of applicantsareunsuccessful.

Additional Information

All applicants must be able to provide at interview stage their highest education certificates as listed on their CV and verification of their eligibility to work in the UK.

As an equalopportunitiesemployer, FSB is committed to the equal treatment of all current and prospective employees and does not condone discriminationon the basis ofage, disability, sex, sexual orientation, pregnancy and maternity, race or ethnicity, religion or belief, gender identity, or marriage and civil partnership. We believe there isa strong casefor the Equality, Diversity and Inclusion agenda and aspire to have a diverse and inclusive workplace, where all employees can bring their whole self to work. We strongly encourage suitably qualified applicants from a range of backgrounds to apply and join FSB. Candidates with a disability who require reasonable adjustments should contact the HR department.

Applicants are advised toapply early. We reserve the right to close a vacancy prior to the closing date if a high number of applications are received. If you are successful and short listed for interview you will be contacted by email.