Job Opportunity: Security Operations Engineer
Denholm are delighted to be working with our financial services client on a great opportunity for a Security Operations Engineer to join their team on a permanent basis. This is a hybrid working role - 2 days per week in the Edinburgh office.
The details below cover what this opportunity entails and what is expected from applicants.
The Security Operations Engineer is an integral part of the Security Operations team, responsible for support and optimisation of the Security Operations platform. This role presents an exciting opportunity to get involved in innovative projects designing security controls and delivering emerging security technologies. Good knowledge of SIEM tooling is essential.
Reporting to the Cyber Security Engineering Manager, you will help to deliver improvements across a number of our cyber security domains including:
1. Security Data & Analytics
2. Security Automation
3. Incident Response
4. Threat Detection
Additionally, you will work closely with our Cyber Security Operation Centre and with other security functions, as well as specialist 3rd party security suppliers and the global IT and business teams.
Key Responsibilities:
As a part of the Cyber Security Operations team, this role will support:
1. Security Platform Optimisation, covering endpoint, network, cloud and logging technologies
2. Security Orchestration, Automation and Response, building security automation playbooks and integrations
3. Security Data & Analytics, onboarding data and developing detection logic and analytics
Essential Criteria:
1. Demonstrable experience working in cyber security
2. Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV
3. Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience
4. Experience working in a hybrid (on-prem/multi-cloud) environment
5. Knowledge of one or more scripting languages, with experience in developing automation playbooks, scripts that interact with APIs, and parsers for data engines
6. Understanding of microservices architecture, Kubernetes, Containers, CI/CD pipelines and DevSecOps
7. Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
If you would like more information on this role, please get in touch to discuss.