Security Engineer – Infrastructure – Leeds – £30-38k REF 606
We’re now looking for an IT Security Engineer to join our growing team. Reporting to the Head of Cyber/IT Security and a key member of the Technical Information Security Officer (TISO) team, the IT Security Engineer plays an important role in protecting the company's information assets by ensuring that systems, infrastructure, networking, and hosting services are secure, through the provision and performance of effective IT security systems and processes across the Group network and business functions.
The IT Security Engineer will provide maintenance, development, and 2nd/3rd line support of the IT security toolset, network, and systems; perform vulnerability management and remediation; ensure the development of secure and compliant IT and business solutions and the secure design, deployment, and operation of cloud infrastructure/services; and provide internal IT security consultancy.
You’ll be responsible for:
1. Responding to and/or escalating security alerts generated by the IT security toolset; identification and remediation of IT security risks and vulnerabilities;
2. Respond to security threats from various notification platforms and investigate suspicious activity and alerts;
3. Ensure all security platforms, policies, and procedures are effective and maintained;
4. Work closely with the IT Operations Team to assess security infrastructure, network, and systems;
5. Identify security risks, threats, and vulnerabilities of networks, systems, applications, and new technology initiatives;
6. Perform and evaluate regular internal and external vulnerability scans;
7. React to and initiate corrective action regarding security violations, unauthorized access attempts, and virus infections that may affect the network or other events affecting security;
8. Perform risk and impact analysis on proposed changes and projects to the security infrastructure;
9. Monitor security system logs (e.g. Web Application Firewall, firewall system logs, etc.) and report on discovered anomalies or problems (e.g. performance issues, inappropriate access patterns);
10. Evaluate and report on new and potential beneficial technologies;
11. Help to develop and maintain the suite of Technical Security Standards necessary to ensure a consistent and up-to-date technically secure environment;
12. Work with 3rd party suppliers to ensure compliance with Lowells security process and standards;
13. Assist Supplier Oversight activities by performing Technical Security related Risk Assessments as and when required;
14. Provide expert technical security services as and when required for Client requirements, internal audit, external audit, and any prevailing Certification activities.
You’ll need to evidence the following qualifications, skills, and experience:
1. Excellent understanding of technical security processes, security operations, hardening techniques, and secure cloud services ideally within the finance sector and within an international organisation;
2. Good understanding and working knowledge of TCP/IP, access-control lists, VLANs, VPNs, firewalls, WAF, MPLS, 2FA, Active Directory structures, PKI;
3. Comprehensive understanding and experience of designing, configuring, implementing, and deploying firewalls, IDS/IPS, authentication systems, log management, content filtering, Mobile Device Management, and technologies based on IT/Cyber Security best practices;
4. Experience in configuring, operating, and maintaining SIEM solutions and log management;
5. Experience in networking, troubleshooting, and analysis tools;
6. Experience in vulnerability assessments, penetration testing, and patch management;
7. Identifying, assessing, reporting, and mitigating technical security related risks within business processes, projects, systems, 3rd party, and client engagements;
8. Experience of leveraging threat & vulnerability management sources for preventative security measures and controls;
9. Effective written and verbal communication (procedure documentation and management reporting);
10. Collaboration (effective team player);
11. Knowledge of industry standards, e.g. ISO 27001, PCI DSS, Cyber Essentials, ISO 31000, and ITIL;
12. Either a recognised Information Security / IT qualification, or working towards a relevant certification (e.g. CompTIA Security+, SANS GIAC, CISSP, CISA, CISM), or commensurate experience;
13. Secure configuration and support of outsourced services and Cloud service provision including, e.g., PaaS, SaaS, IaaS;
14. Strong experience of the systems and associated operations relating to SIEM, IDS/IPS, Vulnerability Scanning/Penetration Testing, Mobile Device Management;
15. Working knowledge of network security, authentication mechanisms, wireless, encryption technologies, and networking protocols including HTTP(S), DNS, SMTP, TCP/IP, UDP, and SNMP.
The Benefits:
Competitive salary with annual bonus.
Contributory pension.
3% flexible benefits - including cycle to work, critical illness, dental insurance, childcare vouchers, travel insurance, dining club, retail discounts, and the option to buy up to one week’s worth of holiday subject to start date.