My client is a top global financial services firm in private equity, looking for a motivated and self directed Security Operations Engineer. You will work as part of a small global team working with the managed service providers and 24 x 7 managed SOC participating in operational security initiatives and help develop standards.
This role is highly technical and hands on, a security specific technologies in infrastructure, Azure, M365 and business applications
This role is highly technical and hands on, and a broad understanding of technology is required along with extensive knowledge of security specific technologies and the security related aspects of systems, infrastructure, Azure, M365 and business applications.
Responsibilities will include:
•
Take responsibility for day to day operations within the operational security team ensuring support tickets, tasks, and operational procedures are executed efficiently and effectively.
•
Participate in the day to day operations of Information security covering areas such as incident investigation, security tool monitoring and investigation, escalation management from the managed SOC, threat feed monitoring.
•
Provide security posture inputs to ensure control requirements and technologies are being correctly applied.
•
Provide support and escalation for operational security issues actively participating in major incident response and minimising any impact to the business
•
Configuration and operation of security tooling such as endpoint detection and response tools, secure web gateway tooling, user entity and behavioural analytics, secure email gateways, privileged access management, Single Sign-on etc.
•
In conjunction with the technical teams, implement technical security standards ensuring industry best practice is applied whilst considering the risk appetite and needs of the business
•
Providing technical security advice for projects and changes, including design of technical controls, review of business process controls and input in to secure software development lifecycle standards.
•
Contribute to technical security designs, and provide technical policy authoring.
•
Operation of incident management runbooks, including regular testing.
•
Support of on-going awareness programmes including supporting staff education, running regular phishing tests, and producing intranet announcements
emerging threats
•
Participation in the vulnerability management process ensuring technical vulnerabilities are reviewed and working with our technical teams, to ensure remediation is done in accordance with our standards.
•
Work with technical and development teams to ensure the implementation of our cloud services and technologies are secure.
•
Research emerging threats and vulnerabilities to aid in the identification of incidents and support the creation of new architecture, policies, standards and technologies to address them.
•
Support investigations in to compliance, policy or data breaches as required.
•
Monitor relevant information sources and information sharing services to stay up to date on current attacks and trends.
•
Person Specification
They seek to hire individuals who are highly motivated, proactive, intelligent, and have demonstrated excellence in prior endeavours. The successful candidate should have:
•
Strong technical expertise in security technologies and their application.
•
Knowledge and experience of industry standards such as ISO27001:2022 and how they might apply to the business
•
Desire to be part of an highly effective operational security function that is procedural based and service orientated.
•
Has good judgement, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
•
Strong problem-solving and troubleshooting skills.
•
Good understanding of data handling best-practices and information management and governance
•
Knowledge and expertise of cross-border regulations and global data protection laws, such as GDPR and regulatory demands associated with working in financial business.
•
An understanding of secure software development lifecycles and applying these in a DevSecOps environment.
•
Experience of working with security incident response plans and ensuring those are fit for purpose.
•
Experience working with technical teams responsible for implementing security technology
•
Experience with security monitoring, detection, prevention and control systems
•
Ability to stay current with tactics techniques and procedures adopted by the various threat actors and the mechanisms to mitigate these.
•
Ability to dig into details as well as analyse data from a high level view
•
Microsoft or SANS Security certifications
•
Knowledge of Azure, M365, OWASP Top 10, SANS Top 20, MITRE Att&ck framework etc.
Personal Characteristics
The successful candidate should demonstrate the following personal characteristics:
•
Excellent written, verbal and interpersonal communication skills
•
Effective at building effective and long lasting partnerships / working relationships
•
Effective influencing and negotiation skills
•
Highly self-motivated, self-directed and attentive to detail
•
Happy working with a distributed remote team.
•
Collaborative and inclusive approach to working with colleagues
