Information Security Operations Engineer / SecOps Engineer

le contenu du travail

Information Security Operations Engineer / SecOps Engineer – Hybrid/WFH/Worthing, West Sussex

£50,000 to £55,000 plus excellent benefits, bonus and career opportunities, plus oncall allowance / Worthing based with flexible hybrid working (1 or 2 days in the office)

Overview of the for the Information Security Operations Engineer / SecOps Engineer role:

My client, a leading, technology strong, professional services company, are currently going through an exciting phase of business transformation and as the Information Security Engineer, you will be working on their new cyber security function, which has a good mix of OT and IT as you manage the cyber risk and support the safety of organisation and their customers.

Notes:

This role is technically ‘hands on’ and requires a strong technical background covering a mix of the following (or interest in developing their knowledge of):

• Operations Security Controls.
• Incident Response.
• Firewall changes.
• Security Engineer with Corporate / Business experience.
• Some exposure to Windows / Linux / Unix, a bonus.
• Any VMWare / Anti-virus / Intrusion Detection / Malware experience welcome.

Reporting directly to the Information Security Manager as part of the SOC team, the role of the Information Security Engineer is to respond to security related incidents, protect the company’s assets from cyber-attacks and monitor, hunt and defend threats.

Scope of the Information Security Operations Engineer / SecOps Engineer role:

• Documents and updates, as appropriate the information security policy, standards and processes ensuring these are up to date, communicated and actively considered during solution and service design.

• Responds to incidents and requests assigned to the SOC within SLAs.

• Provide analysis and trending of log data.

• Monitors, audits and reports on compliance to IT security standards highlighting compliance breaches or potential risks.

• Monitor and action requests and queries to the Information Security and Info Incident mailboxes.

• Assists in planning, management and execution of vulnerability and risk assessment projects.

• Provides advice and practical assistance on information security risk and control throughout the organisation. Promotes security awareness to all staff.

Further responsibilities for the Information Security Operations Engineer / SecOps Engineer:

• Vulnerability management reporting ensuring patching policies and process in place and that these are applied in a regular and controlled manner.

• Researches and tracks information about current security threats and potential vulnerabilities.

• Participates in ongoing quality assurance activities during the development and implementation stages of the IT security initiatives.

• Experience of threat assessment and vulnerability management across complex business structures, including the deployment, administration and management of network-based vulnerability scanners.

• Toolsets and skills – vulnerability and risk analysis, ability to use security tools.

• Maintenance and management of security systems/devices.

• Experience in the following functional areas – Identity & Access Management, Desktop, Device and Server Security, Network Security, Integration Security, Data Protection and Recovery, SIEM, PAM.

• On call support as part of a managed rota.

Major accountabilities of role (Approx % of time spent in role):

• Incident and request response - 50%.

• Threat and vulnerability management and analysis - 30%.

• Maintaining policies, standards and processes - 10%.

• Staff awareness - 10%.

Experience and capability requirements:

Knowledge/experience:

• ISO27001/ISO27002.

• GDPR/ UK Data Protection Act 2018.

• PCI DSS.

• Environmental Information Regulations.

• NIS Regulations.

• CISMP.

• CISSP is desirable not essential.

• ITIL Foundation.

Capability:

• Attention to detail.

• Ability to work effectively within a team.

• Able to manage situations of complexity with positive outcomes.

• Ability to clearly communicate actionable insights and complex findings.

• Positive problem-solving ‘can-do’ attitude.

• Innovative ways of working.

Information Security Operations Engineer / SecOps Engineer – Hybrid/WFH/Worthing, West Sussex

£50,000 to £55,000 plus excellent benefits, bonus and career opportunities, plus oncall allowance / Worthing based with flexible hybrid working (1 or 2 days in the office)