Job function: IT, Systems and Security
Main location: UK & Ireland-United Kingdom-Lancashire-Manchester
Other location: UK-United Kingdom- Ipswich
Working pattern: StandardAbout this role
We conduct the scanning for the Server estate using market leading scanning solutions to detect vulnerabilities and critical misconfigurations to ensure that server deployments are secure. This is achieved by using industry best practices, employing CIS Benchmarks and CIS Controls to achieve this. The Compliance and Vulnerability toolset is also responsible for real-time alerting on zero-day vulnerabilities, compromised assets via benchmark scoring. You'll have the following responsibilities
• Work as part of a team responsible for the provision of effective server compliance and vulnerability monitoring tool within the estate including PCI environment.
• Creating new and/or amend existing server compliance policies from the CIS Benchmark's and Standard's for Unix/Windows servers for bespoke deployments.
• Work with design teams, server build owners, security standards owners & project managers to review design documents and implement requirements into compliance tools.
• Support to front line operations for implementation and troubleshooting connectivity from target devices to the compliance and vulnerability tool.
• Responsible for maintaining and building relationships with stakeholders/vendors to minimise the risks.
• Responsible for maintaining effective file integrity monitoring to PCI DSS & SOX environmentsYou'll have the following skills & experience
Expertise in at least two of:
- Worked as part of a team responsible for the provision of effective server compliance and vulnerability scanning via monitoring tools within a large-scale enterprise, PCI DSS knowledge is preferred, but not mandatory.
- Providing professional advice and best practice on implementing compliance policies in
- Unix/Windows server environments
- Experience of having worked with design teams, server build owners, security standards owners & project managers to review design documents and implement requirements into compliance tools.
- Provided professional advice to ensure best practice is promoted when implementing compliance policies in Unix/Windows server environments.
- Previously worked with compliance or vulnerability tools e.g. Qualys, TrueSight Server Automation, IP360, CCM, Rapid 7, etc.
- Working knowledge of Linux/Solaris and/or Windows servers.
- Unix scripting in Shell/Bash, Python or Perl and/or Windows scripting in VBS, Powershell, etc.
- Processes: Ability to create new processes based on security standards or industry standards and documenting operational processes.
- Problem solving: Ability to own and resolve problems end to end.
- Initiative: Ability to work on own initiative in a fast-paced environment. Be a contributor of Continuous Improvement initiatives.
- Stakeholder management: Effective communicator with front line operations, stakeholders & vendors.
- Networking: Knowledge of network switching, routing, and security infrastructures
Get in touch with me today if you have any questions, or apply now!