Cyber Security Engineer (all genders)

About the role

Evotec’s Cyber Security team is looking for a motivated Cyber Security Engineer to design, implement and maintain security controls across multiple technology domains. The position is full‑time, permanent and can be performed on‑site, in a hybrid model, or remotely within the UK, France, Germany or Italy.

Key responsibilities

• Design, implement and maintain security controls for network, cloud, application, endpoint and backup systems.
• Plan, deploy and manage cybersecurity tools such as XDR, SIEM, IOC scanners, vulnerability scanners, EASM and network traffic analysis solutions.
• Collaborate with security architects and the SOC to ensure alignment with security architecture and guidelines.
• Conduct security assessments, vulnerability scans and penetration tests to identify and remediate risks.
• Support SOC operations, investigate alerts, perform forensic analysis and execute remediation actions.
• Work with cross‑functional IT teams to embed security requirements into projects and solutions.
• Develop and maintain documentation, technical guidelines, standards and procedures.
• Stay current on security trends, emerging threats and best practices.

Required profile

• University degree in Computer Science, IT or a related field, or equivalent professional experience.
• Proven experience in security engineering across multiple domains (e.g., application security, security operations, vulnerability management).
• Software development and automation experience with at least one programming language and familiarity with version control, peer reviews and CI/CD pipelines.
• Strong understanding of open‑source software security and ability to mitigate related vulnerabilities.
• Excellent problem‑solving abilities and strong communication skills for stakeholder management.
• Good written and verbal English; additional German, French or Italian is a plus.

Required skills

• XDR, SIEM, IOC scanner, vulnerability scanner, EASM, network traffic analysis tools.
• Security controls for cloud, network, application, endpoint and backup environments.
• Programming/scripting (any language), version control, CI/CD.
• Knowledge of security standards such as ISO27001, NIST CSF or SOC2 (optional).