Senior Security Engineer – Office or remote – £60,000 – £85,000

Senior Security Engineer – Office or remote – £60,000 – £85,000 – PKI, Security, Powershell, Bash, Python

Purpose Statement

• Applies continuous improvement to security and infrastructure tools, with a specific focus on Infrastructure Security and Compliance
• Ensures infrastructure security requirements are clearly defined and monitors organisation wide compliance
• Accountabilities In the context of Infrastructure Security and Compliance:
• Evaluate security technologies and infrastructure deployed in the current environment to ensure they adhere to architectural requirements
• Run software system testing and validation procedures, programming, and documentation
• Perform integrated quality assurance testing for security functionality and resiliency attacks
• Perform information security research and analysis for assigned systems and network infrastructure
• Plan configuration changes for major infrastructure platforms
• Identify security issues around steady state operation and management of software and incorporating security measures that must be taken when a product reaches its end of life
• Support cross-functional meetings with appropriate staff to develop system design recommendations for all required engineering disciplines, such as hardware, software, platform, maintainability and reliability

Competencies and Qualifications

• Knowledge of secure reference architectures, such as infrastructure, network, and application design
• Knowledge of applicable information security trends and best practices
• Ability to capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules
• Understanding of the current vulnerabilities exploited by threat actors, the response capabilities, and mitigation strategies commonly used by large organisations to maintain cyber security
• Perception of existing cyber threat actors and an insight into their tactics, techniques and procedures (TTP)
• Deep IT technical skills (information security solutions in detail, public key infrastructure (PKI), file encryption, programming, support, workstations, network, cloud solutions, etc.)
• Strong programming skills in Powershell, Bash, Python
• Strong query-based skills in SQL and Kusto
• Experience in and knowledge of operating systems (e.g., Android, iOS, Linux, Windows, MVS, VMWare), hardware and software platforms, and protocols as they relate to information technology
• Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Knowledge of security technologies including: Firewall, IDS/IPS/HIDS, Anti Vir Ability to research and characterize security threats to include identification and classification of threat indicators

Work Experience

• Experience in designing, implementing and operating a successful infrastructure security management process
• Experience of working in an outsourced environment with multiple third parties and in-house teams
• Preferred experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT)
• Preferred experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering including dark web research, social media analysis, source verification, data fusion, link analysis, and threat actors
• Experience in building and running a Security Operations Center for large global organizations, and/or in working with third party vendors and managed security services in similar capacity
• Experience working with Security Information and Event Management (SIEM) type technologies
• Experience in designing SIEM use cases, tuning, and working with Managed Security Service Providers (MSSP) related to security monitoring

This job ad was posted by Salt. To find out more about Salt’s Privacy Policy and how your application is processed, please visit our website https://welovesalt.com/privacy-policy/.