Security Engineer at SCG Connected
Location: Basingstoke
Department: Group IT
Reporting to: Chief Security and Information Officer
Job Objective
* Acknowledge, analyse and validate incidents triggered by correlation analysis and various tools
* Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
* Collect the necessary logs that could help in incident containment and security investigation
* Make high quality decisions, often with incomplete information, and actively engage with customers
* Escalate validated and confirmed incidents to CISO
* Undertake first stages of false positive and false negative analysis
* Understand the structure and meaning of logs from different log sources such as FW, IDS, Windows DC, appliances, AV and antimalware software, email security, etc.
* Open incidents and properly include all details related to logs, alarms, and other indicators identified, with the intervention protocol.
* Track and update incidents
* Research and analyse security incidents and provide insight into how to detect and resolve them
* Report infrastructure issues to the infrastructure team.
* Help develop platforms and tools to automate and improve security posture across the group
* Help improve and develop documentation.
Skills And Competencies Required
* Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, EDR/XDR, mail filtering and other security products
* Experience with Security Information and Event Management (SIEM) tools, creation of basic correlation rules, and administration of SIEM preferred
* Expertise in TCP/IP network traffic and event log analysis
* Network troubleshooting skills required.
* Knowledge and hands-on experience in penetration testing/vulnerability scanning, security tools like Tenable Nessus, Kali Linux
* Knowledge of ITIL disciplines such as Incident, Problem, and Change Management
* Experience of infrastructure design and management in mission-critical environments preferred.
* Understanding of Virtual Infrastructure and Windows environments preferred
* Effective communication, organizational, problem-solving and presentation skills
* Self-motivated and able to work with minimal supervision.
* Ability to build trusting, collaborative relationships with peers with a strong sense of accountability and ownership.
* Knowledge of ISO27001, CE, CE+
Key Tasks
* Create and perform security assessments and threat models
* Develop, implement & maintain security standards and plans
* Research weaknesses and find ways to counter them
* Respond to attack vectors and security incidents, and coordinate incident response across teams
* Test company software, firmware, and firewalls
* Design software security systems like intrusion detection systems and firewalls
* Maintain and proof network security systems
* Analyse security systems and seek improvements on a continuous basis
Seniority level
* Entry level
Employment type
* Full-time
Job function
* Information Technology
* Telecommunications