Working for a security vendor, you will be responsible for working closely with existing cyber security engineers with the company’s full suite of cyber security tools whether that will be configuring, optimizing or testing.
In addition your role will help support the cloud security engineer validating that cloud services and applications are designed and implemented to the highest security standards. The candidate will often liaise with other areas of the business such as infrastructure and product development in the discovery and addressing of security issues as well as reacting to new threats.
Main tasks and responsibilities:
- Work with Dev/Ops Teams to design and recommend Cloud security controls to protect key Infrastructure for multiple cloud platforms including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform.
- Be part of a team responsible for the management, implementation, maintenance and configuration of operational security systems and security service capabilities, aligned to IT Security strategy and applicable security standards
- Responsible for maintaining and using security engineering standards, processes, procedures and guidelines
- You will be expected to recommend solutions to business challenges while following security best practices
- Implement security features and monitoring tools, performing periodic security assessments.
- Respond swiftly to new and emerging security threats and vulnerabilities, investigating suspected attacks and helping manage security incidents.
- Build automation to actively audit the infrastructure for security misconfigurations of AWS, Azure or GCP
- The successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks
- Demonstrable experience of security engineering systems and controls, including, vulnerability management, web content filtering, intrusion prevention, SIEM, email security, DLP, IAM, O365 and AWS and Azure including the ability to construct custom signatures and investigate intercepted traffic/logs
- Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security.
- Strong Technical knowledge of secure engineering principles, privacy (DPA / GDPR) and compliance law and standards (OWASP\ISO\ISF\NIST)
- Knowledge and understanding of ISO27001, ISO31000, PCI DSS; knowledge of other security standards and frameworks advantageous
- Certification from CISSP or other certifications at the discretion of the hiring manager such as CESG Certified Professional – IA Architect, AWS Security Engineer
- 6+ years’ experience of managing security solutions (SIEM, IPS, DLP, CASB, EDR etc)
- Solid understanding of Amazon Web Services (AWS) including VPC, IAM, KMS, EC2, CloudTrail, AWS Inspector, Guard Duty and other AWS tools are an advantage
- Someone who is passionate about cyber security operations and a desire to continuously learn and use new technologies
- Strong interpersonal skills coupled with the ability to communicate effectively
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge
- A high degree of confidentiality and integrity needed for this role
- Build relationships with all staff to promote security throughout the business
- Strong sense of ownership, urgency, and drive
- Sharp analytical abilities and proven design skills
- Competitive salary & flex bens
- Flexible locations / remote