Your new company - Specialist Global Financial Services
Your new role - Permanent - ON SITE 5 Days per week. - UK Only
Job Title:
IT Security Engineer
Job Brief:
As the first line of defence in the IT department, the purpose of this role focusses on information security, cybersecurity and data security, including a wide scope of physical security operating systems such as Windows and Linux, network security, firewall and other security devices, application security both development and testing phrases SAST & DAST, terminal security, backup security, third party and supply chain security. We are seeking a skilled IT Security Engineer to identify, investigate, and mitigate potential security risks to protect the information systems and computer networks.
Responsibilities:
* Design and Implement Security Measures: Develop secure network solutions to defend against advanced cyber threats.
* Maintain the cybersecurity equipment, including firewall, IPS, WAF, WSUS, ATA, AD policy.
* Compile and develop cybersecurity policies and procedures, conduct regular reviews.
* Application Security: Ensure the security of applications by implementing secure coding practices, conducting code reviews, and performing vulnerability assessments.
* Information Security: Protect sensitive information by developing and enforcing security policies and procedures.
* Maintain the SIEM tools, make sure security logs generated from security systems and devices are configured and safeguarded properly.
* Incident Response: Investigate security breaches, conduct forensic investigations, and mount incident responses.
* System Audits: Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulation.
* Perform routine audits of systems and software to ensure compliance with established security protocols.
* Training: Educate staff on network and information security procedures.
* Collaboration: Work with the IT team to maintain security configurations and disaster recovery plans.
* Expertise and knowledge of the security framework includes NIST 800, ISO 27001, cybersecurity guidelines from PRA, FCA and ICO, familiar with GDPR regulation.
* Strong knowledge of IT internal control and audit, information security officer is highly recommended.
* Network Security (Routing, Firewall, Switch, Internet Gateway) and Security Products (SIEM, EDR, etc.), familiar with SIEM tools such as Splunk, Solarwinds, ManageEngine, etc.
* Documentation: Document any security breaches and assess their damage.
Requirements:
* Education: Bachelor's degree in Computer Science, Cybersecurity, or a related field. Relevant certifications such as CISSP or CEH are desirable.
* Experience: 3-5 years of experience in information security or a related field.
* Skills: Knowledge of firewall administration, encryption technologies, network protocols, and application security. Excellent communication skills to convey technical concepts to non-technical stakeholders.
* Languages: Due to the organisation having offices in China, Mandarin would be an advantage.
Preferred Qualifications:
* CISA/CISSP/CCSP
* MCSA-Microsoft Windows Server
* MCSE- Microsoft Certified Solution Expert;
* MCITP-Microsoft Certified IT Professional;
* VMware Certified Professional; CCNA/CCNP
* Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools.
* Familiarity with regulatory requirements and industry standards related to IT security.
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.
#4672461 - James Francis
#J-18808-Ljbffr