Information Security Engineer
A critical role in maintaining the security of our systems, infrastructure and applications, for an experienced, self starting, cybersecurity expert.
The primary responsibility for the Information Security Engineer position will be maintaining, evaluating, and testing the security of all our systems, infrastructure, and applications. They will assist with the ongoing protection of digital assets, and the maintenance and expansion of the security architecture. They will also be a key part of R&D projects, so a genuine interest in new technologies is essential.
The successful candidate will show a passion for security, have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, have excellent interpersonal skills, demonstrate Advanced written and oral communications, be a team player and independent worker, highly adaptive, and deliver on rapidly changing deadlines. The successful candidate may also be required to work outside of the contracted hours including but not limited to weekends.
The candidates must be residing in the UK and can both work remotely and in the office.
- Responding to and resolving cyber incidents efficiently.
- Manage and monitor security systems.
- Support in reviews to improve security within the business/systems.
- Liaise with the infrastructure team to maintain a secure environment.
- Assist infrastructure/team lead in ongoing and new projects.
- Conduct cyber incident testing.
- Assisting with the development and implementation of security policy, standards, guidelines, and procedures to ensure ongoing improvement and maintenance of security posture.
- Maintaining documentation at a high standard.
- Assisting the development team with their QA and Software Development Life Cycle (SDLC) to ensure best security practices are followed at all times.
- Experience with deploying and using Security Information and Event Management (SIEM).
- Knowledge of current operating systems i.e., Windows Server 2016-2019, Windows 10, Mac OS, and Linux.
- Microsoft Policy & Security – GPO’s, Patching (WSUS), Defender Antivirus & Firewall.
- Penetration Testing exposure/awareness.
- Experience performing technical analysis involving security event data and evaluating malicious activity.
- Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN, etc., and accompanying protocol/packet analysis/manipulation tools.
- Strong analytical and problem-solving skills.
- Knowledge of delivering and maintaining compliance and security standards – such as GDPR, ISO 27001, and those published by the NCSC.
- Strong knowledge of security technologies, including MFA, RADIUS, NGFW (NextGen Firewall), WAF (Web Application Firewall), IPS (intrusion prevention), IDS (intrusion detection)
- Relevant certifications such as SSCP.
- Minimum 3 years experience in cybersecurity and a strong interest in the field.
Desirable Skills and Experience:
- Experience with Cloud Infrastructures – AWS/Azure.
- Experience with virtualized systems such as hypervisors i.e. VMware
- Desirable certificates include Security+, CySA+, GIAC.