Job Summary:
At Volaris, our business is acquiring, strengthening, and growing vertical market technology businesses. Our team oversees the cyber security maturity, governance, risk management and compliance state of all our business units (and there are quite a few), no matter their industry, size, or complexity.
We are seeking a Cyber Security Engineer with a well-rounded understanding of cybersecurity principles and solid, hands-on experience in managing and enhancing security systems. This role is essential to safeguarding our organization through active security operations, in-depth threat analysis, and proactive defence strategies. The ideal candidate will have experience configuring and maintaining critical security tools, such as firewalls, web gateways, and email protection systems, and possess the analytical skills needed to detect and respond to threats across multiple platforms.
Working within our cyber technologies team, you will play a critical role in reducing our attack surface and shaping a resilient cybersecurity posture in a rapidly evolving threat landscape. Key responsibilities include scripting for automation (using Python or PowerShell), collaborating on data visualization with our Power BI developer, and applying expertise in M365 and identity protection systems. This role requires a proactive and inquisitive mindset, the ability to adapt to dynamic challenges, and the flexibility to work two to three days a week at our Cardiff, UK office, so applicants must reside within commuting distance.
Job Description:
Responsibilities:
1. Regularly review and optimize configuration settings across all security tools, identify outdated or incorrect rules, and implement changes to enhance our cyber defence posture.
2. Correlate data and monitor activity across multiple security systems to detect and investigate suspicious behaviours and threat tactics that target our business and industry.
3. Partner with our Power BI developer to define reporting requirements, ensure data accuracy, and visualize security metrics and intelligence insights effectively.
4. Utilise scripting (Python or PowerShell) to automate manual processes within the team to streamline security operations and enhance system efficiency.
5. Configure, monitor and audit firewall policies, traffic, and security configurations to maintain secure network operations.
6. Manage web security policies and enhance web access controls to support safe browsing practices.
7. Regularly assess external threats, monitor organizational exposure, and take action to mitigate risks identified through outside-in platforms.
8. Proactively administer and monitor for leaked credentials and take necessary response actions to prevent unauthorized access.
9. Configure, maintain, and enforce email authentication policies (DMARC) to protect against domain spoofing and unauthorized use.
10. Develop, document, and communicate best-practice security guidelines for security tools and systems to the wider business to support consistent and effective security practices.
Requirements:
1. Strong analytical and problem-solving skills with a motivated and inquisitive mindset for effectively identifying and addressing complex security threats.
2. Proficiency in scripting languages such as Microsoft PowerShell and Python preferred to automate manual processes.
3. Hands-on experience with security tools including firewalls, web security gateways and M365 for system administration and troubleshooting.
4. Experience managing credential leakage and continuous monitoring platforms to identify and mitigate security threats.
5. Ability to document findings, set guidelines and create documentation for processes and procedures.
6. Excellent communication skills to articulate threat analysis findings and recommendations to both technical and non-technical stakeholders.
7. Proven ability to work effectively in a collaborative team environment, as well as independently, to meet deadlines and deliver high-quality results.
8. Demonstrable understanding of key cybersecurity frameworks such as MITRE ATT&CK, MITRE D3FEND and OWASP.
9. Experience in picking up and managing tickets in a ticketing system, ensuring timely resolution and documentation of tasks.
10. Reside within commuting distance of our office located in Cardiff, UK.
Education and Experience:
1. Bachelor's degree (or equivalent) in Computer Science, Information Technology, or related field.
2. CISSP (Certified Information Systems Security Professional) or equivalent.
3. Broad understanding of security principles and technologies, with demonstrated hands-on experience with security tools.
Desirable Skills and Experience:
1. Networking certification from one or more of the major vendors.
2. Microsoft Certified: Security Operations Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator Associate or equivalent.
3. Familiarity with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems for comprehensive threat analysis.
4. Experience of implementing DMARC compliance across the business.
5. MySQL and ClickHouse database platforms.
Benefits:
We offer a competitive salary and benefits package, designed to attract and retain top cybersecurity talent. Here are some highlights:
1. Competitive salary and benefits package.
2. Professional development and training opportunities.
3. 25 days paid leave after first year of employment.
4. Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental care / eye tests, cycle-to-work scheme.
5. Group Life Assurance.
6. Located in the vibrant city of Cardiff, with easy access to amenities, transportation, and a thriving cybersecurity community.
7. Opportunity to work with cutting-edge security technologies.
8. Hybrid work environment.
Worker Type:
Regular
Number of Openings Available:
1