UK Research and Innovation
UKRI convenes, catalyses and invests in close collaboration with others to build a thriving, inclusive research and innovation system.
Security Operations (SecOps) Engineer-(24000132)
Description
Salary: £45,272 to £56,844 per annum dependent on skills and experience (this may include allowances)
Hours: Full time
Contract Type: Open ended
Location: Polaris House, Swindon or Keyworth, Nottingham (Hybrid working available)
Closing Date: Sunday 19th January 2025
About us
The UKRI CIO Group plays a pivotal role in managing and optimising the organisation's critical enterprise technical services that underpin and enable UKRI's business capabilities. Within the group, a team of Information Security Professionals supports the delivery of modern, secure, resilient and scalable services across a larger federated team of Digital, Data and Technology professionals to deliver impact across the organisation and the wider UK research and innovation system.
Purpose
This post provides a rare opportunity for an experienced information security professional to step into a fast-paced security operations role in an organisation at the heart of research and innovation in the UK. Working as part of a team of technical specialists, and to the deputy head of information security, your broad remit is to ensure the security and integrity of the organisation's IT infrastructure. This role involves working closely with development, operations, architecture and security teams to implement and maintain secure systems and protocols, monitor for security threats, respond to incidents, and continuously improve the security posture.
Main outputs and activities
* Develop, maintain, and optimise security playbooks
* Create and implement API integrations between systems to improve data collection, facilitate cross-system communication, and boost automation.
* Utilize APIs to enhance security operations and improve the efficiency of the Security Operations Center (SOC).
* Design and deploy automated workflows to manage routine SOC tasks, such as alert enrichment, notifications, and data gathering.
* Collaborate with security analysts and engineers to develop automation solutions that strengthen the overall security posture.
* Monitor and maintain automation tools to ensure optimal functionality and identify areas for further improvement.
* Build and maintain security at every point in the CI/CD pipeline
* Oversee daily operations of security infrastructure, monitor environments for vulnerabilities, and respond to incidents using tools like intrusion detection systems and SIEM.
Shortlisting criteria
(S) – Assessed at shortlisting
(I) – Assessed at interview
(S&I) – Assessed at both shortlisting and interview
Applicants will be able to demonstrate skills in line with the monitoring and response lead roles using the Government Security Profession career framework.
Essential:
* Exceptional AWS and cloud security understanding and experience. (S)
* Solid Microsoft 365 security experience in configuration (as well as analysis).
* Intune experience in a corporate production environment. (S&I)
* Experience working in hybrid environments with VPNs and complex network topologies (S&I)
* Experience with DLP technologies (ideally Microsoft Purview). (S)
* Demonstrable experience working in a blue-team type environment or role. (S)
* Penetration testing knowledge and experience, from vulnerability scanning through to more advanced security analysis. (S)
* Experience and knowledge of ISO27001 or similar standards (I)
* Performing comprehensive security audits and assessments (S)
Desirable: (optional)
* Be able to prioritise competing deadlines and objectives. (I)
* Experience of working in a Public Sector Organisation (S)
* Experience with a wide range of security technologies in a complex R&D environment (S)
* Programming and scripting in PowerShell, Python and other languages (S&I)
* Implementing Zero Trust principles (S&I)
Qualifications
* A professional certification (e.g., CISM, CISSP, CompTIA Security+, CCSP or AWS certification)
* Degree in a related subject or relevant comparable education.
Security
As a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process. The level of clearance required is security check.
Behaviours
We'll assess you against these behaviours during the selection process at Grade SEO:
* Managing a quality service
* Changing and improving
* Delivering at pace
* Seeing the Big Picture
How to apply
Online applications only preferred for this role. Please submit a CV and covering letter which clearly outlines how you fulfil the criteria specified along with your motivation for UKRI and the role. Ensure that the job reference number is included in the filename description of each document uploaded. Note that failing to address the above criteria, or submitting an application without a covering letter, may result in the application not being considered. Assessment will only be based upon the content of your submitted covering letter and CV and not the 'experience' section of the application.