Security Engineer
Working in the Financial Sector with a vibrant energy and commodities trading company generating liquidity across global commodities markets. The company combine deep trading expertise with proprietary technology and the power of data science to be the best-in-class.
You will be joining a team of ambitious individuals who challenge themselves and each other. The company has a culture of empowering exceptional people to become the best version of themselves.
The role:
The Security Engineer will work alongside the IT Security Lead and Infrastructure teams to scale ongoing security and resilience projects to strengthen and protect our core business functions in case of outages. The role will be 60% focused on security and compliance projects, and 40% focused on providing business-as-usual (BAU) security support. Our roadmap for this area is ambitious, and the Security Engineer will play a key role in its roll-out.
What you'll be doing:
- As part of daily BAU operations, proactively protect the business and its information from internal and external threats and risks, embedding technical security best practices, design and architecture.
- Secure development disciplines and technical security controls more deeply into the technical environments across the company to improve security posture and reduce cyber risk exposure.
- Analyse security breaches and incidents to identify their root causes.
- Deliver technical security improvements to the processes, controls and technologies.
- Conduct security assessments through vulnerability testing and risk analysis.
- Perform internal and external security audits.
- Continually update incident response and disaster recovery plans.
What you'll bring:
The role requires you to have strong Cyber Security technical knowledge, and an awareness of compliance requirements.
- A minimum of 3 years' experience in IT Security.
- Knowledge of Information Security and compliance standards such as: ISO 27001, NIST, Cyber Essentials, etc.
- Experience supporting and improving the Microsoft Stack of technologies.
- Experience working in regulated environments such as financial services.
- Experience in incident management, investigations, and response procedures.
- A demonstratable passion for Cyber Security (e.g., Homelab build, ranked on HackTheBox, participating in CTF events).
- Experience tuning, managing and remediating alerts in at least one Cyber Security tool, such as: a SIEM, EDR, UEBA or DLP solution.
- A detailed understanding of network infrastructure, system and application architecture and associated security controls within highly complex environments.
- Robust risk management understanding and capabilities.
- Experience with Security Information and Event Monitoring solutions.
- Experience with Data Loss Prevention technologies.
- Knowledge of Threat Intelligence platforms and Endpoint Security controls.
- Experience with Malware/antivirus systems.
- Ability to take ownership of a project and coordinate with key stakeholders across different teams and potentially unfamiliar technologies.
Desirable Skills:
The ideal candidate will have a background in infrastructure support with a focus on Microsoft Tools, and preferably with experience using offensive security tools and methodologies to help identify areas of improvement.
- Experience with offensive security protocols or Purple Team initiatives.
- Experience with hardening the security of Apple Mac and Linux.
- A degree in Cyber Security, Computer Science, Engineering or any other equivalent Cyber Security qualification.
Benefits & perks
- Competitive salary
- Vitality health insurance and dental cover
- 38 days of holiday (including bank holidays)
- Pension scheme
- Annual Bluecrest health checks
- A personal learning & development budget of £5000
- Free gym membership
- Specsavers vouchers
- Enhanced family leave
- Cycle to Work scheme
- Credited Deliveroo dinner account
- Office massage therapy
- Freshly served office breakfast twice a week
- Fully stocked fridge and pantry
- Social events and a games room