The purpose of the role of the Security Engineer is to act as a senior point of architecture, design, escalation, quality assurance for the overall security and 'back of house' technologies and corporate systems. The role holder will be required to drive connecting appropriate security and infrastructure technologies to deliver customer solutions and service satisfaction, and in ensuring all tools are configured and rules maintained on a timely basis.
The core domain of this role is the integration of technology and systems covering the below (not an exhaustive list) in order to deliver a slick and liked yet secure service with great employee experience and up-to-date manageable rules, configurations and policies as approved by the Technology Director:
- Physical access control
- Identity management / device access controls including multi-factor authentication via on-site and remote access
- Device security and malware avoidance
- Single Sign-on/SAML
- Mail Security (Inbound / Outbound)
- SPAM Filtering (ensuring rules are up-to-date and relevant)
- Network Security & Monitoring
- DLP (Data Loss Prevention)
- Technology related security incidents
- Infrastructure issues and projects
- Privileged account logging and control
- Data sovereignty
- Pro-actively manage the agenda for technology & systems improvements in the Corporate network system domains. Essentially helping deliver a liked set of employee, corporate and client solutions.
- Identify and define system security requirements.
- Design system security and infrastructure architecture and develop detailed designs.
- Prepare and document standard operating procedures and protocols.
- Configure and troubleshoot security infrastructure devices.
- Develop infrastructure & security technical solutions and analyse new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system and security enhancements.
- Ensure the technology, systems & support are optimised for customer facing individuals or teams working remotely from the office - from design through to remediation of issues.
- Work positively with the other Technology teams to ensure end-to-end customer satisfaction with the technology services to employees.
- Ensure that tickets picked up are responded to quickly, professionally and courteously and effectively manage within agreed service level agreements (SLA).
- Continue to review and improve the technology solution or knowledge base allowing issues to be fixed on first touch and minimising client downtime.
- Act as a guide and mentor for other team members.
- Identifies opportunity to improve overall performance through training or technical enhancements.
- Design and implementation of new solutions and improving resilience of the current environment.
- Be a true team player, working professionally and constructively with colleagues offering help and assistance with incidents, user requests, problems and projects.
- Ensure Huntswood's computing facilities are kept secure to reduce the risk of breaches of confidentiality, integrity and availability.
- Ensure IT projects are progressed professionally and in a timely manner, ensuring projects are delivered on time and to budget.
- Track record of providing security services in large organisations.
- Experience in building & maintaining security systems and infrastructure.
- Detailed technical knowledge of database and operating system security.
- Experience with network technologies and with system, security, and network monitoring tools.
- Experience with Mail Security, Web Filtering and DLP technologies
- Thorough understanding of the latest security principals, techniques and protocols.
- Familiarity with web related technologies (Web Applications, Web Services, Service Oriented Architectures) and of network/web protocols.
- Expert understanding of firewall/IPS/IDS principals and practices.
- Analyse and advise on new security technologies and program conformance.
- Good understanding of Identity Management / device access controls including multi-factor authentication.
- Understanding of a Microsoft Windows Active Directory environment.
- Good understanding of the Microsoft Windows and Office security and patching practices (e.g. Ivanti/Shavlik).
- Good understanding of Linux (Centos/RedHat preferred) security and patching practices (e.g. Pulp)
- Scripting experience (PowerShell and Python preferred, utilising SOAP and REST API technologies)
- Excellent business communication skills, with the skills to communicate at all levels.
- Excellent time management and prioritisation skills
- Experience completing external security audits
- Experience of large and small technology change projects within a fast paced and demanding corporate culture.
- Capable of taking a holistic approach to IT security, data protection and new initiatives such as GDPR balancing the need for the business system owners to manage their risks rather than emasculating functionality.
- Be able to demonstrate an expert understanding of the major Microsoft packages namely Microsoft Windows and Office, including licencing and cloud services.
- Any of the following IT qualifications; CompTIA A+, Microsoft Certified IT Professional (MCITP).
- Experience of working with ISO27001:2013 onwards.
- Experience in Financial Services or working in a regulated and secure environment.
- Good project management skills, utilising tools such as Jira
- Confidential, reliable and genuine
- Dynamic, passionate and determined
- Friendly, compassionate and cooperative
"It's not just about what we do, but the way we do it. And it's our values that make us special."