As Senior Security Operations Engineer for a leading provider of innovative solutions in the communications space, you will play a key role in managing and enhancing their security operations center (SOC). You will oversee security monitoring, threat detection, and incident response activities and ideally have extensive experience in Cybersecurity.
Key Responsibilities:
* Lead and coordinate the response to security incidents, including containment, eradication, recovery, and post-incident analysis.
* Monitor and analyse security events and alerts from various sources, including intrusion detection systems (IDS), firewalls, and SIEM (Security Information and Event Management) systems.
* Conduct detailed forensic analysis and investigation of security breaches and other cyber incidents.
* Develop and maintain incident response plans, playbooks, and procedures.
* Mentor and guide junior analysts in security operations best practices and incident response techniques.
* Collaborate with IT, legal, and other departments to address security vulnerabilities and ensure compliance with regulatory requirements.
* Implement and manage advanced security tools and technologies to enhance threat detection and response capabilities.
* Perform regular security assessments, vulnerability scans, and penetration tests.
* Create and deliver detailed incident reports, including root cause analysis and recommendations for improvement.
Experience and Qualifications:
* Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent work experience.
* 5+ years of experience in cybersecurity, with a focus on security operations and incident response.
* In-depth knowledge of networking concepts and protocols (TCP/IP, DNS, etc.).
* Proficiency with security tools and technologies, such as firewalls, IDS/IPS, anti-virus software, SIEM systems, and EDR (Endpoint Detection and Response).
* Strong analytical, problem-solving, and decision-making skills.
* Excellent communication skills, with the ability to convey complex technical information to non-technical stakeholders.
* Experience in conducting forensic analysis and handling digital evidence.
* Familiarity with regulatory compliance frameworks (e.g., GDPR, PCI-DSS, Cyber Essentials).
* Advanced certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or GCIH (GIAC Certified Incident Handler), SANS etc.
* Experience with scripting and automation (Python, PowerShell, etc.).
* Proven track record of leading security incident response teams.
* Knowledge of threat intelligence platforms and techniques.
Please note that due to the high volume of responses we receive, only successful applicants will be contacted.
Devonshire is an equal opportunity employer, and we encourage job applications from people of all backgrounds. All qualified applicants will receive consideration regardless of gender, race, religion, age, disability, sexual orientation, or marital status.
This is a hybrid role with some UK travel.