As a Cybersecurity Operations Senior Engineer at Baillie Gifford, you will be a pivotal member of our cybersecurity team, driving innovation and continuously enhancing our security capabilities. You will serve as the subject matter expert on Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), and cloud security. In this role, you will leverage your technical proficiencies to research and comprehend modern tactics, techniques, and procedures (TTPs) and attack patterns, developing and implementing high-fidelity custom detections across various tools. You will take on the responsibilities of a technical lead, steering projects related to the research, evaluation, and implementation of advanced security technologies. Your expertise will be crucial in onboarding and optimizing data into our SIEM platform using our data management framework. You will also play an integral role in incident response, acting as a key responder within our team and occasionally undertaking general Cyber Security Operations Centre (CSOC) responsibilities, including threat detection and response to security incidents. Effective communication is essential, as you will articulate complex security issues to both technical and non-technical stakeholders across different departments, fostering a comprehensive and inclusive security culture. As a Cybersecurity Operations Senior Engineer, you will have a varied role, including, but not limited to the following:
* Develop and improve security capabilities leveraging automation where possible.
* Evaluating and implementing new security technologies.
* Provide Cybersecurity expertise to lead and support security and business change.
* Supporting our security infrastructure and tooling (SIEM, AV, XDR, VM, NDR and SOAR).
* Promote and develop awareness of different security risks and best practices across the company.
* Play an active role in supporting the information security needs for infrastructure and development projects.
* Assist with security alert investigations when required.
* Participate in our cyber security incident response team (CSIRT) processes when required.
* Work with other infrastructure teams to create best-practice secure builds regarding OS security. (Windows, Linux, MacOS)
Extensive experience working in a cybersecurity role.
* A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
* Strong knowledge and experience in Linux and Linux system administration (RHEL/CentOS)
* Knowledge and experience of Windows Server/Desktop Environments.
* Experience in using SIEM, SOAR and EDR solutions.
* Experience using PowerShell, Bash, Python, or similar scripting languages.
* Strong understanding of underlying network protocols that make up an enterprise network. Including but not limited to SQL, TCP/IP, and Active Directory.
Security certifications (Security+, CySA+, SC-200, CISSP, OSCP). (Desirable) Technical Certifications (RHCSA, AZ500, CCNA). (Desirable) You hold extensive experience working in cybersecurity and possess a comprehensive understanding of IT security best practices, common attack types, and detection/prevention methods. You have strong knowledge and experience in Windows Desktop/Server administration, as well as familiarity with Linux Server environments. You have solid proficiency in SIEM, SOAR, and EDR solutions, coupled with experience in scripting languages such as PowerShell, Bash, or Python. You exhibit an in-depth understanding of network protocols like SQL, TCP/IP, and Active Directory. Additionally, strong experience in cloud environments and working with a vulnerability management platform is highly valued. You can research and analyse tactics, techniques, and procedures (TTPs), implement custom detections, and optimize data ingestion into SIEM platforms. You are a natural communicator able to articulate complex security issues to both technical and non-technical stakeholders across various departments. You are comfortable acting as a subject matter expert in security technologies like SIEM, SOAR, EDR and detecting and responding to complex incidents. Adept at implementing innovative security measures, managing projects involving new cybersecurity technologies, and participating actively in the incident response process, you have a passion for continuous personal development, strong self-management, and the ability to diagnose and troubleshoot technical issues are essential. The role demands technical competence, teamwork, adaptability, and strong judgment skills.
* Data Literacy
* Digital Effectiveness
* Improvement Mindset
* Systems thinking
* Team Working
At Baillie Gifford we are committed to fostering an inclusive and respectful culture in which each of our colleagues can thrive and develop. We believe that our clients are best served by a diverse workforce with the experiences, ideas and perspectives that this brings.