IT Security Engineer
We are currently looking to recruit an IT Security Engineer, who will form part of our Security Engineering & Operations team within a major brand in Financial Services. The role has a shared, rotational on-call requirement and also forms part of information security incident response capability.
As a Security Engineer, you will oversee the technical implementation of security services and controls and provide subject matter expertise that supports stable operations.
What being our Security Engineer involves
- Responsible for reviewing, validating and assuring that new services meet all operational security requirements and are fit for delivery
- Provide technical oversight of all security tools and infrastructure services in use across the IT estate, and make recommendations on configuration improvements, and driving changes through with the relevant third party.
- Design firewall access rules that meet the business requirements and maintain adherence to security policies and standards.
- Monitor and respond to emerging threat patterns, vulnerabilities and anomalies and provide escalations of any unknown threats to the Security Engineering Lead.
- Responsible for providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
- Responsible for collaborating with the Security Architecture team to report appropriate operational issues that may be resolved at an architecture level.
- Responsible for collaborating with the Threat Intelligence team to identify opportunities for security controls optimisation in line with threats affecting technology services.
Skills we are looking for
- Ability to develop and maintain relationships with various stakeholders
- Strong working knowledge of security management principles and practices, including vulnerability management, event management and application security
- Strong practical experience with security technologies such as Web Application & Network Firewalls, Intrusion Detection / Prevention Systems and Advanced End-point Protection.
- Strong analytical skills to monitor information and perform detailed data analysis to identify any vulnerabilities.
- Logical thinker with a strong analytical background
- Understanding of Java, Python or PHP programming language
- Security qualifications such as CISM, CISSP or CISA are required
- Security qualifications such as SANS Enterprise Defender (SEC501) or EC-Council Certified Ethical Hacker (CEH) are advantageous.
Please send your CV or contact Alex Williams at Gerrard White Consulting for more details.
This job was originally posted as www.totaljobs.com/job/81435625