We are currently looking for a Security Engineer to join our team in the Cardiff office.
You will be expected to attend the office 50% of the working week, to align with our hybrid working policy. Therefore we would expect you to live within a reasonable commutable distance to the Cardiff office. We do not promote large amounts of travelling, as we would not want to encourage burn out.
With these values, we’ve fostered a culture of growth, innovation, well-being and success for the last 20 years at Creditsafe and created a legacy of successful career trajectories within our community of Creditsafers.
As a company, we don’t shy away from rolling up our sleeves to do everything possible to create a welcoming environment where every new talent is guided, supported and nurtured to grow and become a part of the culture.
With 25 offices across 14 countries, our geographically disperse community of colleagues are a testament to our inclusive and diverse culture that comes together to solve complex problems and learn from each other.
We’re proud to be a part of a culture and a company where careers are made and where talent meet its true potential.
In this role, you will provide advanced support on complex technical issues, participate in security incident investigations, and contribute to the implementation of zero-trust principles. You'll be instrumental in managing cloud security within Microsoft Azure and AWS environments, integrating cloud-native security tools like Microsoft Sentinel and AWS Security Hub.
Provide 4th line support on complex technical issues, root cause analysis of investigations and security tooling used by Security Operations team
Examine tooling output and configuration to ensure relevant controls are implemented effectively to reduce risk to identities, infrastructure/environments and data.
Representing the Information Security function on the Cloud Security Working Group, you will be ensuring that best practices and regular reviews are performed as part of architecting, implementing and managing security solutions in Microsoft Azure and AWS cloud environments. This will include integrating and configuring cloud-native security tools so that relevant alerts and appropriate monitoring are fed back into Security Operations tooling such as Microsoft Sentinel.
Implement, configure and manage tooling used to perform regular vulnerability assessments and penetration tests on cloud infrastructure, networks, and applications. Work alongside external penetration testing partners on enabling infrastructure and application scanning, producing remediation plans, and managing their resolution
Investigate zero-day vulnerability applicability, and remediation or workaround approaches to lessen risk to infrastructure, applications and/or data
Assist the wider SecOps team in automating, simplifying, and enhancing security tasks through using tools such as AWS Lambda, Python, Power Automate, PowerBI
Information Security Compliance
Collaborate with Information Security Compliance, Risk and Audit teams on reviewing control gaps with standards such as ISO27001, ISO22301 and SOC2.
Bachelor's degree in Computer Science, Information Security, or related field (Master’s preferred)
Proven Experience in Cybersecurity or IT Infrastructure role with substantial security element.
Strong knowledge of Azure Security Services, AWS Security Services, and cloud-native security tools, such as Microsoft Sentinel, AWS Security Hub, GuardDuty
Design, configuration and implementation experience of:
SIEM solutions and integrations relevant to Microsoft Sentinel
AWS native security tooling and services
Microsoft E5 tooling such as DLP, Defenders for Endpoint, Cloud, CloudApp and Identity
Experience in network security, firewall management, and secure cloud architecture.
In-depth experience with IAM, encryption technologies, and data protection in cloud ecosystems.
Hands-on experience with automation tools, CI/CD pipelines, and security integration in DevOps.
Proficiency in scripting languages such as Python and PowerShell.
Certifications such as CCSP, AWS Certified Security Specialty, Azure Security Engineer, CompTIA Security+ or equivalent.
Familiarity with financial services security regulations and standards (i.e. Competitive Salary.
# Company Laptop supplied.
# Bonus Scheme.
#25 Days Annual Leave (plus bank holidays).
# Hybrid working model.
# Healthcare & Company Pension.
# Cycle to work and Wellbeing Programme.
# Global Company gatherings and events.
# E-learning and excellent career progression opportunities.
# Creditsafe is an equal opportunities employer that values diversity.