Security Operations Engineer
You think creatively, with an analytical approach and a proven track record as a Security Operations Engineer. You are organised, logical, self-motivated and driven to succeed.
You're hard working and you get things done. You enjoy making a difference and relish learning and self-improvement.
A quick learner with exceptional communication and organisational skills, you are bright and sociable with a positive “can-do” attitude.
The Security Operations Engineer will implement and enhance security controls to improve the security posture of the group.
As Security Operations Engineer within the Site Reliability Team, you will monitor security controls continually and lead on operational security control implementations. Working with the ISMS Manager, Compliance and Engineering teams you will to ensure that remediations are implemented in a timely fashion.
The Site Reliability Team (SRT) are responsible for:
- The availability, performance, monitoring, and incident response of the production and back office products, platforms and services
- Providing operational support across the core platforms including testing, improving and maintaining new and existing systems, and working closely with all engineering teams to ensure system consistency
- Ensuring operational standards are met and relevant documentation, knowledge bases and operational manuals/runbooks are maintained
- Rapidly resolving incidents and problems following the company’s incident management procedures
- Working through a backlog of improvements and maintenance tasks and raising “reliability” projects for larger developments
- Contribute to engineering roadmaps including key items such as upgrades, technical refreshes and new versions
Your duties will include:
- Prioritisation and triage of security issues based on severity and risk
- Collaboration with engineering teams to evaluate and remediate security issues within the company infrastructure
- Providing best practice guidance to engineering teams on security of Software as a Service Products
- Monitoring and reporting on key metrics regarding the company's security posture to stakeholders
- Advocating and championing security within the organisation
- Designing and specifying work packages for other teams to implement security improvements across all environments and Products
- Working in alignment with existing change control systems to ensure the rollout of security improvements are harmonised with existing workstreams
- Leading technical security implementations to fulfil key security control requirements
- Working to ISO 27001 standards and upholding the existing ISMS in collaboration with the Information Security Manager.
You will be an exceptional candidate, with experience in a similar role. In particular we are looking for candidates who have:
- Prior work experience in an Information Security role
- Experience within either a Security Operations Centre (SOC) or an infrastructure security/system administrator role
- Experience of applying security controls to Microsoft Windows and/or LINUX based environments
- Have or working towards security accreditations
- Excellent communication skills
- Strong analytical and problem solving ability
- Professional and confident communication skills
- Strong organisation and prioritisation skills
- Professional, calm and resilient approach to any security incidents
- Good level of verbal and written technical English
- Previous experience with working in an ISO 27001 and/or PCI environment
- Experience of analysing and securing Software as a Service Solutions from end to end
- Experience of securing Cloud solutions
- CEH / CREST CRT, OSCP Certified
- Security+, ISC2 security accreditation (SSCP, CISSP)
- BCS Certification in Cyber Security / IT Security (Practitioner or above)
Alongside working in a great working environment and a very competitive salary, you will also receive some fantastic benefits, including an Annual Bonus, Vouchers for Christmas (£350), Private Health Care, Dental, Monthly Socials, 27 days holiday, your birthday off work, the opportunity to buy and sell holidays and many more.