Description:
This is an exciting opportunity for a proactive, technically-minded, and organised Senior Cyber Security Engineer to take a leading role in running our Cyber Security Operations. You will have the opportunity to make your mark by refining our security posture, and working closely with our IT, Data, and Compliance teams. The ideal candidate will review and improve technical controls, processes, and procedures, work with suppliers to monitor service KPIs and SLAs, and strive for exceptional standards of cybersecurity engineering.
What You’ll Do
Security Operations & Incident Response
- Investigate security alerts and assist with incident response, escalating where required.
- Assisting in the creation of incident management plans and play books.
- Work with 3rd parties to monitor for attacks, intrusions, and unusual, unauthorised, or malicious activity.
- Provide assurance in relation to 3rd party security service providers, escalating issues for resolution where appropriate.
Threat Intelligence & Vulnerability Management
- Keeping up to date with the latest security and technology developments , actively researching and evaluating emerging cyber security threats and ways to manage them.
- Support penetration and vulnerability testing, reviewing results, and supporting remedial activities.
- Demonstrates an understanding of the organisational attack surface.
Identity, Access & Data Protection
- Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
- Monitor and respond to 'phishing' emails and 'pharming' activity.
Risk, Governance & Compliance
- Generate reports for both technical and non-technical staff and stakeholders.
- Maintain an information security risk register and assist with internal and external audits relating to information security.
- Providing input into monthly risk reporting and control matrix (RACM) and associated reporting.
- Provide input into information security policies, standards, and procedures.
Security Architecture, Culture & Leadership
- Test and evaluate security products , and provide input and support for projects to improve and ensure ongoing security.
- Act as a security evangelist supporting staff and projects across the organisation.
- Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues.
- Mentor train and provide technical leadership to junior members of the team.
Who You Are
- Core Experience: Must have demonstrated prior experience in a similar analyst or engineer role, including operational experience in cybersecurity incident response and threat hunting.
- Cloud & Network Security: Good understanding of encryption, network, and cloud security. Familiar with Zero trust, CASB, cloud-first concepts, and relevant security tooling. Has a good understanding of techniques for securing and monitoring cloud and network environments, specifically Azure, GCP and AWS.
- Identity & Endpoint Protection: Knowledge and operational experience with Active Directory and modern Identity and Access Management (IAM) solutions (e.g., Okta, Azure AD). Experience with modern endpoint protection (EDR/XDR) is also required.
- Security Tooling: Experience configuring and managing event sources and log collectors for SIEM ingestion. Operational experience in maintaining vulnerability scanning scheduling, policy configuration, and reporting including Cloud Security Posture Management. Any Linux experience is a bonus although this will be minimal.
- Soft Skills: Passion for cyber security and up to date on the latest security technologies. Good written communication skills, for example, to write technical reports. Excellent communication skills and the ability to build strong relationships are a prerequisite.
Nice to Haves
- Industry-recognised certifications: CompTIA Security+, Azure Security Engineer, AWS Certified Security, Google cloud security engineer, CCSP, CISSP, CEH, CISM or are working towards one (or more) of these qualifications.