Security Engineer

Posted 26 October 2021
Salary £50000 - £65000 per annum
LocationCity of London
Job type Permanent
Discipline Network & Security
ReferenceBBMP/SECUR/REMOTE_1635333949
Contact NameMillie Palfreyman

Job description

Security Engineer (fully remote)

A key global client of mine who are serving more than 5,000 clients globally are currently looking for a Security Engineer to join their team on a permanent basis

The Responsibilities

  • Ensure that our applications, software and infrastructure is designed and implemented to the highest security standards.
  • Perform security assessments, design reviews, security audits, risk analysis, vulnerability testing and security code-reviews on a wide variety of environments.
  • Work with key stakeholders across the company to define, design and implement effective security controls and remediate vulnerabilities to improve our security posture and reduce risk to acceptable levels
  • Conduct assessments of threats and vulnerabilities and determine deviations from acceptable security baselines
  • Manage security technology processes and solutions, sometimes through 3rd parties, including endpoint protection, vulnerability management, and SIEM
  • Review security events for context, appropriateness, and criticality and be an incident responder as needed
  • Create security operations playbooks to ensure a consistent approach and response to current & emerging threats
  • Conduct network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
  • You will also work closely with other security engineers, compliance analysts, DevOps, IT, and architects to enhance our application security posture.
  • Perform security assessments, gather evidence for security audits, review third party security documentation
  • Develop technical solutions to help mitigate application security vulnerabilities
  • Conduct research to identify new attack vectors against products and services.

Your Experience:

  • Extensive experience in Information Security or a related field
  • 7+ years of security development experience
  • Expertise in TCP/IP. Understanding of common network vulnerabilities, OS vulnerabilities (Windows and macOS), patching and attack patterns
  • Strong organization, time management and project management skills
  • Experience in public cloud environments
  • An understanding of system hardening, containerization, and cloud security controls
  • Familiarity with ISO27001, SOC, GDPR, & CCPA
  • Excellent interpersonal skills & communication skills; you should be an ambitious teammate with strong analytical, problem solving, debugging and troubleshooting skills
  • Familiarity with Enterprise Vulnerability Management tools
  • 2+ years of experience with M365 Defender & M365 Cloud Application Security
  • 2+ years of experience with Azure SSO
  • 2+ years of experience with IDS/IPS solutions such as Fortinet
  • 3+ years of experience with public cloud services including AWS, GCP and Azure
  • Previous mergers & acquisition experience is a PLUS