This site uses cookies. By continuing to use this site you consent to our use of cookies. Close

Security Engineer

Job Purpose

The purpose of the role is to be to be responsible for defining, delivering and supporting the enterprise security architecture and associated controls, ensuring the operational status of tools and systems used by Security Operations and the organization as a whole. Working as part of the Security Engineering function, you will be expected to maintain security controls and policies, monitoring and reporting appliances health in addition to the analysis and improvement of security controls, policies, and rule base and providing reported evidence of improvements.

Additionally, you will be helping with the monitoring of information security controls within the organization, by analysing alert settings and detections, minimizing false positives and actively taking responsibility for all of the Security Operations team controls and tooling, while ensuring all relevant documents are of required standard.

  1. Accountabilities and Activities

Overall Responsibilities:

  • Be responsible for the tools and services allocated to you.
  • Aid in the development of security standards and best practices, and implement controls to help meet them.
  • Develop use cases, playbooks, policies and developing custom tooling to improve our security maturity.
  • Help to develop our strategies to respond to and recover from security incidents and breaches.
  • Contribute to the education of our colleagues and team members through training and building awareness.
  • Where appropriate, be part of project teams to assist projects and team members with the installation or processing of new security products and procedures.
  • Undertake testing of our security controls to make sure they are operating within the expected detection guidelines and any upgrades are implemented successfully.
  • Investigate and resolve complex and high-priority incidents.
  • Ensure IS policies and procedures are adhered to, including security and technical standards.
  • Create and maintain documentation related to current and future security controls and service.
  • Implement and undertake system backup, DR procedures and policies for all security controls.
  • Aid in the design and development of security solutions and services.
  • Help with the production and design standards for security solutions to meet business security needs.

 

 

Analytics:

  • Help develop security and operational tools, policies and rule bases to monitor and analyse the security posture of the IT estate and identify anomalous activity and behaviours.
  • Help to refine and develop dashboards and reports to continuously improve security situational awareness.
  • Help in the production of reports and MI to present activity and outcome of operational security services improvements.
  • Develop new and improve upon existing policies and ruleset for tooling and services.

Incident management:

  • Work with the broader CSIRT and Security Operations team to assist with security incidents, via the use of IOC’s and common patterns.
  • Facilitate recovery, following the resolution of incidents to help drive and identify areas of improvement in detection capability.

Information security:

  • Understand what are security risks, how these should be escalated and mitigated, as required.
  • Assist when required to assist with the ongoing detection and testing of security controls.
  • Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge.

Security administration:

  • Maintain security administration processes and checks that all requests for support are dealt with according to agreed procedures.
  • Provide guidance in defining access rights and privileges.
  • Operate or support the operation of tools that contribute to effective security posture.
  • Assistance with the onboarding of any enhancements to the security tools, including deployment and on-going management and maintenance.
  • Support the review of information security policies and baseline control standards, by influencing required additional and updated controls based on the content of internal and external audit reports, trends derived from security operations, information from project-based activities and incident resolutions.

 

 

.         Qualifications, Training and Experience

  • The ideal candidate will have a varied IT career, which has a good amount of experience within a BAU support environment. Whether that be in an End-User Computing, Hosting or Networks discipline, or all three.
  • A good working knowledge of cloud-based technologies is a distinct advantage. (Azure, AWS)
  • You will have a track record of technical delivery working within a fast-paced environment.
  • You are confident of your technical expertise and can present themselves as a technical authority.
  • Experience of Security Monitoring tools.
  • Experience of Vulnerability Management tools.
  • Knowledge of perimeter and host security intrusion techniques.
  • Has a proven ability to develop workable product solutions to address the strategic necessities of the Security Operations team.
  • Experience of any of the following tools is a distinct advantage:

- IBM Q Radar, Microsoft Defender ATP, Microsoft Sentinel (and KQL), Tenable, Vectra, Carbon Black, ZScaler.

4.         Judgement Skills

  • Investigates defines and resolves complex issues.
  • Select appropriately from applicable standards, methods, tools and applications.
  • Communicates fluently, orally and in writing, and can present complex information to both technical and non-technical audiences.
  • Facilitates collaboration between stakeholders who share common objectives.
  • Plans, schedules and monitors work to meet time and quality targets.
  • Rapidly absorbs new information and applies it effectively.
  • Maintains an awareness of developing technologies and their application and takes some responsibility for driving own development.

5.         Freedom of Action

  • Works under general direction within a clear framework of accountability.
  • Exercises substantial personal responsibility and autonomy.
  • Plans own work to meet given objectives and processes.
  • Interacts with and influences colleagues.
  • Has working-level contact with customers, suppliers and partners.
  • May supervise others or make decisions which impact the work assigned to individuals or phases of projects

 

  •  

6.           Dimensions

  • No direct reports
  • No budgetary responsibility

7.          Environment

Although currently a working from home role, the role will eventually be primarily in an office environment, and travel may be required to other office locations.

Disclaimer:
This vacancy is being advertised by Advanced Resource Managers. ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.

Key Consultant

Ryan Baker

Ryan.Baker@arm.co.uk

02392228221

Apply
Location
Staines, Surrey, England
Salary
£400 - £440 Per Day
Job type
Contract
Category
Perimeter & Infrastructure Security
Job Reference
106485
Posted on
11 Jan 2021
« Back to results

Register

Register with ARM's job board to receive the latest opportunities that match your criteria straight in your email inbox, manage your job search and receive our newsletter.

Register

Be part of our story. Let's get to work!

Looking for a different recruitment experience? Work with an award-winning multidisciplinary team of technology and engineering recruitment experts, find out exactly what makes ARM stand apart.

About ARM