We are Kocho, a technology adoption services company that offers excellent technical consulting to enable our clients to achieve their business goals.
Our head office is located in the heart of London's West End and provides a comfortable working environment with flexible collaboration spaces.
Kocho is an equal opportunities employer. We make recruitment decisions based on qualifications, skill set and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs, or lack thereof, marital status, disability or sexual orientation or any other protected characteristic.
This mindset aligns with our company values as we understand that we are Better Together.
About This Role
As a Security Engineer, you will play a critical role in safeguarding our organization, our clients and our Partners, from cyber threats. You will be responsible for implementing and maintaining security measures to protect our systems, networks, and data from unauthorized access, attacks, and breaches.
You will work closely with other members of the Security Operations team and directly with clients to ensure that our security systems are up to date and effective. The Security Engineer provides a critical Tier 2 Incident Response/Escalation Service in addition to the above, though this is not their primary focus it is expected and Incident Response forms a portion of this role.
Key Responsibilities
* Manage and execute phishing campaigns using our tooling.
* Lead vulnerability scans and provide valuable feedback with accurately tuned reports.
* Deliver technical recommendations on regular Client cadences, with support from a Cyber Security Project Manager.
* Work with the Microsoft Security Stack and Microsoft Sentinel, deploying and updating KQL analytical rules or Content Hub solutions to improve our detection and response capabilities.
* Respond to quarantined emails, ensure that Defender threat policies are effective, and create Playbooks (Azure Logic Apps) to automate workflows and improve efficiency.
This role requires strong knowledge of security protocols and standards such as ISO 27001, GDPR, and PCI-DSS. Experience with vulnerability testing and risk analysis is also essential.