Job Description
Cyber Security Engineer
Location: Central London-Hybrid
The Client: A leading Law Firm requires a Cyber Security Engineer!
1 Year FTC-Salary – Up to £80,000 + Additional Corporate Benefits Package
Role:
The Security Engineer reports to the Director of Information Security Operations and works closely with the Information Security Management team to implement and maintain our security controls and tools. The role also works with other departments to improve our security.
Key Responsibilities:
* Develop and deploy tools and automation to simplify common IT security tasks.
* Identify areas for cyber security improvement to ensure cyber security and data security by designing controls.
* Work closely with IT and development teams to integrate security principles into development processes.
* Review existing tools and processes, identify gaps and implement improvements to strengthen our security posture.
* Run security scans, manage vulnerabilities and take preventative measures to reduce operational risk.
* Monitor security alerts and implement security measures to protect against threats and attacks.
* Monitor and manage responses to security incidents with DLP security.
* Manage standard, third party and authorized identity access
* Implement, manage and enhance HSM key management infrastructure.
* External vulnerability patching, internal vulnerability patching, web application scanning and compliance patching.
* Experience in cyber incident management and investigative security.
* Write high-level plans for review and presentation.
* IT security certification in Change Management Board, Architecture Review Board
* Participation in IT and security management meetings.
Required Experience
* Between 5 and 10 years of experience as a cyber security engineer. Hands-on technical support experience in IT and network security or systems engineering roles.
* Extensive experience in security technology management and incident response, including proficiency in SOC, malware, ransomware, threat analysis, server and endpoint security.
* Must be proficient in writing. Clear and concise presentation skills.
* Strong interpersonal and communication skills to work effectively with cross-functional teams and communicate complex security ideas to non-technical stakeholders.
* Excellent analytical and problem-solving skills to identify and remediate security vulnerabilities.
* Ability to work under pressure and react quickly to security incidents or new threats.
* Proficiency in operating systems (such as Windows, Linux) and command line interfaces.
* Must be proficient in programming/scripting languages such as PowerShell (preferred), Python, Perl, etc.
* Strong understanding of networks, cloud computing and the use of security controls within those architectures. Experience in network security, incident management and penetration testing. Powerful and up-to-date knowledge of Cyber for.
Required Skills
* Experience with EDR and antivirus/malware such as SentinelOne, CrowdStrike and Defender.
* Demonstrated ability to work and manage IT systems of Azure, Defender (ATP), M365 and Windows. Experience with Identity Access and Management (IDAM) solutions. CyberArk and ID ENTRA
* Knowledge of tools for restricted/remote access and TS ENTRA portal, DUO SSO and MFA
* Good knowledge of network administration (routing and switching, WAN, Wi-Fi) and network access control (NAC). Cisco and Palo Alto
* Good knowledge of operating system, system and CIS certification application.
* Good knowledge of next generation application platforms, anti-malware, cloud proxy and CASB. Experience with Forcepoint, Palo Alto Firewall and Cisco NAC
* Good knowledge of MS Defender for Cloud, Storage (SQL) and CSPM.
* Good experience with data loss prevention tools, such as MS Purview Compliance Manager and Tessian
* Security monitoring, SIEM tools such as Exabeam, QRadar, Splunk and Sentinel.
* Experience with Azure cloud infrastructure and configuration (Security Center) with M365 and Active Directory on-premises
* Experience with Cloud Email Security Gateway Services, Microsoft Exchange Online, Mimecast and DMARC.
* Experience in developing guidelines, procedures related to documentation, management of key store certificates and HSM. Lapis lazuli and Thales.
* Knowledge of Hyper-V, VMware and Citrix. Knowledge of SCCM or Enterprise Patch Management Tool
* Experience with Qualys and Intelligence Vulnerability and Compatible Management Kit.
So, if you feel your skills and experience align with the prerequisites for this role, then please get in touch and apply directly.