About us:
Amach is an industry-leading, technology-driven company with headquarters in Dublin and remote teams in the UK and Europe.
Our blended teams of local and nearshore talent are optimised to deliver high quality and collaborative solutions.
Founded in 2013, Amach was created to solve a specific problem in aviation: too much complexity, too little usable intelligence. We help airlines modernise their operating model using cloud, data and AI, delivered by teams with deep aviation domain expertise.
Our goal is to maximize airlines' operational efficiency by optimizing resource use, reducing costs and improving customer experience and satisfaction.
The Cyber Operations Engineer is responsible for the continuous improvement, governance, and operational effectiveness of the cybersecurity tooling, configurations, and control implementations, focused on strengthening cyber defences.
This role will have a strong emphasis on threat-led security operations, including proactive threat hunting, adversary simulations, and validating the effectiveness of security controls across the enterprise environment.
Required Experience:
- 8+ years cybersecurity and/or IT industry experience, with at least 4 years hands-on experience in relevant roles (security operations, security engineering, infrastructure or cloud engineering)
- Demonstrable experience in threat hunting, detection engineering, purple teaming, or adversary simulation activities
- Demonstrable experience configuring, operating, and improving enterprise-scale security controls
- Experience working in close partnership with SOC and IT operations teams
- Experience collaborating with incident response, threat intelligence, and/or red teams to identify and remediate security gaps
- Practical experience with cyber platforms such as CrowdStrike, Microsoft Purview, Palo Alto
- Relevant Cyber qualifications e.g. CISSP, GCIH, Cloud Security certs, Security+, or similar relevant qualifications
- Background in ethical hacking, penetration testing, or offensive security is highly desirable
- This role is not entry‑level and assumes prior hands‑on experience configuring and tuning IT and/or security tooling across multiple cyber domains (network, cloud, endpoint, email, identity)
- Strong understanding of modern enterprise security controls and how they fail in practice
- Comfortable working with configuration management, change control, and operational governance processes
Key responsibilities & duties include:
- Maintain and continuously improve the configuration and effectiveness of cyber security tools and platforms across:
  - Email security controls
  - Endpoint and device security (EDR/MDR, hardening)
  - Data, Identity and Access Security Controls
  - Cloud security controls and native security services
  - Network security & Application security tooling (where applicable)
- Proactively perform threat hunting activities to identify malicious behaviour, control gaps, and detection blind spots across the environment
- Design and execute adversary simulation or purple team exercises to test the effectiveness of existing security controls and monitoring capabilities
- Collaborate with the Threat Intelligence & Hunting team, Vulnerability team and Cyber Engineering & Architecture to:
- Identify current tooling and/or control gaps and weaknesses
- Recommend and implement configuration or policy improvements
- Design and implement preventive and detective control improvements based on incident learnings
- Translate threat intelligence and real-world attacker techniques into improved detection and prevention controls
- Partner with the SOC to:
- Improve detection coverage and fidelity
- Reduce false positives and alert fatigue
- Ensure controls align with real‑world attack techniques
- Continuously validate and enhance detection logic based on emerging threats and adversary behaviours
- Support governance and oversight of security tooling by:
  - Ensuring configurations align with approved standards and policies
  - Maintaining documentation of control intent and configuration rationale
- Work closely with Incident Response teams to identify gaps in detection and response, and implement improvements across tooling and processes
- Support Cyber Engineering & Architecture with insights and contributions on cyber tooling selection, control design decisions and effectiveness of cyber platforms
- Contribute to the development and maintenance of security configuration standards, baseline cyber standards and operational runbooks
- Assist in the roll-out of new cyber tooling and its transition into operational and support management, with supporting third parties
- Support audits and assessments by providing evidence of control configurations and operational procedures
Desirable skills:
- Working knowledge of at least one scripting or programming language (e.g. Python, Bash, PowerShell)
- Familiarity with MITRE ATT&CK framework and modern attacker techniques
- Experience with threat hunting methodologies, SIEM/XDR detection engineering, and log analysis at scale
- Hands-on experience with adversary simulation tools, red teaming frameworks, or attack emulation techniques
- Experience working with outsourced providers
What’s in it for you:
- An opportunity to join a fast-growing company
- Options for career advancement
- Learning and development opportunities
- Flexible working environment
- Competitive salaries based on experience
Equal Opportunity Employer:
Amach is an equal opportunity employer and makes employment decisions on the basis of merit. We celebrate diversity and are committed to creating an inclusive environment for all employees. This job description is intended to convey essential responsibilities and qualifications for this role, but it is not an exhaustive list of tasks that an employee may be required to perform.
If you are passionate about driving customer success, advising on strategic solutions, and contributing to product innovation, we would love to hear from you!
Not for you?
Check out all of our open positions on our careers page and follow us on LinkedIn for future opportunities.
P.S. Share this with friends and co-workers! Don't be afraid they'll steal it from you; if you're amazing and smart, we'll find a role for you. We are growing fast and we are always looking for talented people.
At Amach, we strive to be an inclusive community of open-minded individuals with different backgrounds and we are committed to fostering, cultivating and preserving a culture of diversity, equity and inclusion. We strongly believe that a diversity of experience and background is essential to create a fulfilling environment and better solutions for our people and our customers. All Amach employees and contractors are expected to honour this policy and act to ensure that every individual is respected in the workplace.
Your personal data
Amach will process your personal information in accordance with the EU's General Data Protection Regulation (GDPR). We will comply with data protection law and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes and not used in any way that is incompatible with those purposes
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
If you would like to contact us about your data, please use the following address: [email protected]
What We Do
We help mature organisations evolve into modern digital businesses with faster time to market, increased operational stability and security. We offer a suite of technical services delivered by an experienced team of subject matter experts. Our services can be provided as a fully managed service or as an embedded part of your team. We focus on both short-term and long-term goals that emphasise business outcomes for our customers.
Why choose Amach:
1. Business Agility - We focus on removing your IT debt, so that your company can focus on delivering business value to your customers at pace in a secure and reliable manner.
2. Cost Reduction - We help reduce your IT costs across all domains. This includes operational costs in both cloud and your data centres, licencing, evergreening, and reducing project delivery timelines.
3. Operational Stability - We will modernise your IT systems, ensuring operational stability and resilience, so that the end user experience for both customers and staff is enhanced.
4. Enable Innovation - By removing IT debt, we create space for your team to focus on innovation, ensuring business longevity and futureproofing. We bring both sector experience and lessons learned.
5. Security - We address the overall architecture to ensure security by convention vs configuration. We promote DevSecOps practices, so security isn’t seen to prevent teams from delivering in an efficient manner.
6. Improve Employee Experience - We create and implement your EUX strategy that adapts to a changing world, while improving security and user efficiency, resulting in improved colleague satisfaction and retention.
7. Sustainability - Achieve your sustainability goals through optimising your overall IT footprint and reducing costs.
We thrive on delivering customer value in every interaction. If you are interested in hearing more or to see how we could help you, please get in touch [email protected]









