Summary:
As a senior cyber security engineer, you will take on complex security challenges in a dynamic environment. The position offers an opportunity to make a significant impact within a respected financial organisation, driving continuous improvement in security standards and protocols. The role offers hybrid working and a strong benefits package, including extended holiday, a training budget, a gym subsidy, healthcare and dental cover, and a 15% pension contribution.
Key Responsibilities:
- Conduct thorough investigations of security alerts from our XDR, SIEM, email security gateway, and DDoS tools, in collaboration with the managed SOC team.
- Lead technical incident response and investigations when necessary, ensuring swift containment, remediation, and business recovery following any cyber security incident.
- Implement and enhance security measures to protect our IT infrastructure, ensuring the effectiveness of technical security controls.
- Drive the development and implementation of automation use cases across security tools to streamline security processes.
- Investigate and respond to security incidents, providing timely reports and updates to management.
- Monitor security logs and events to identify potential threats or suspicious activities.
- Conduct proactive risk assessments and threat hunting to identify and mitigate security vulnerabilities.
- Coordinate internal and external security assessments, including penetration testing and vulnerability scanning.
- Stay informed on the latest security advancements and best practices to improve the organisation's overall security posture.
- Contribute to the development and maintenance of security standard operating procedures (SOPs).
Required Skills:
- Proven experience in incident investigation and response.
- Comprehensive knowledge across multiple security domains, including Infrastructure, Cloud, Applications, and Networks.
- Practical experience with technical security solutions (detailed below).
- Strong documentation skills for security processes and incident handling.
- Relevant certifications (e.g., CISSP, Security+, Azure Security Engineer).
- Proficiency in Microsoft 365 Defender, KQL, and SIEM solutions (preferably Sentinel or LogRhythm).
- Familiarity with email security solutions (Checkpoint Harmony preferred), Microsoft Azure, Microsoft 365 administration, and Microsoft Windows Server.
Additional Preferred Skills:
- Hands-on experience implementing security audit recommendations.
- Proficiency with vulnerability scanning tools (Tenable or Qualys).
- Background in IT within the financial services sector.
- Expertise in Microsoft Windows 10/11, VMware, Active Directory, DNS, and Microsoft CA.
- Knowledge of networking fundamentals, including firewalls and DDoS mitigation tools.
- Experience with mobile device management software, such as Microsoft Intune.