Infrastructure Security Engineer - Asset Management

Gravitas Recruitment Group Ltd
United Kingdom
£350 - £650 pa
05 Oct 2017
07 Nov 2017
Contract Type
Full Time
Infrastructure Security Engineer - Asset Management - 6 month rolling contract

Our client is a leading asset manager based in the city that are looking for an Infrastructure Security Engineer with extensive technical knowledge of security systems to join on a 6 month rolling contract. The role will sit in the IT Operations and Facilities department, and they are willing to see candidates from all levels of experience, with a flexible rate that reflects this.

Role responsibilities:
*Define, implement and maintain corporate security policies
*Work with existing infrastructure and project teams to agree standards for secure infrastructure architecture across on premise and cloud services.
*Raise the level of knowledge of secure infrastructure practices within teams through regular engagement and other forms of education.
*Work with existing infrastructure and project teams to deliver secure, controlled infrastructure changes. Collaborate with colleagues on proposed security designs, where required performing consultancy and offering alternate solutions.
*Perform vulnerability testing, risk analyses and security assessments to inform delivery.
*Assessment and approval of changes, designs and systems for policy compliance.
*Test security solutions using industry standard analysis criteria.
*Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
*Maintain technical documentation.
*Develop a familiarity with new tools and best practices.

Skills and Experience Required
*Experience in leading security incident response including identification, preservation and interpretation of computer evidence.
*Excellent technical knowledge of database and operating system security.
*Scripting for compliance monitoring
*Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
*Extensive technical working knowledge of security systems including:
oNetwork and application firewalls.
oIDS/IPS systems.
oWeb Proxies and Content Filtering.
oEndpoint security including antivirus, host based firewalls and execution control.
oAuthentication technologies
oNetwork Access Management.
oPrivilege Access Management.
oLog Management - Ideally LogRhythm including events, collection & parsing, correlation, investigation and reporting.
oVulnerability Management
*Working knowledge of the following technologies:
oMicrosoft Windows
oVMWare including VDI.
oMS-SQL or other relational database systems.
oFinancial Service technologies (i.e. FIX, Bloomberg).
*Familiar with
oDefence in Depth techniques.
oCloud Secrets Management (Cloud Vaults / Key Management & Rotation / MFA / Passwords).
oFSI Regulations and how to ensure compliance to these during SDLC.
oPublic Cloud (AWS/Azure) security concepts (Virtual Networks/VPC, Log and Incident procedures).
oAutomation / Infrastructure as Code concepts and how security influences how infrastructure / application stacks can be provisioned.
oCode Scanning tools like SonarQube FxCop, and VeraCode.
*Previous experience working in a technical information security role with similar responsibilities to the above.
*ISC2 CISSP certificated (or equivalent).

If you are interested to learn more, please send your CV for immediate consideration.

This job was originally posted as