Location: London
Closing date: 05/11/2019
Salary: Competitive
Employment type: Permanent
Department: Group IT - IT Operations

London, office based, with travel throughout the UK & Channel Islands

Job Purpose:

The InfoSec Engineer will be an integral part of the Infrastructure Team, planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. 

The InfoSec Engineer will define, implement, uphold and maintain security standards.  Safeguarding the infrastructure and resources, supporting day-to-day operations, along with current and future project initiatives.

Responsibilities:

Develop Information Security Plans and Policies

• Help plan and carry out information security strategy
• Develop a set of security standards and best practices, and recommend security enhancements to management as needed
• Develop strategies to respond to and recover from a security breach
• Responsible for educating the workforce on information security through training and building awareness

Implement Protections

• Install and use software, such as firewalls and data encryption programs, to protect organizations’ sensitive information.
• Assist computer users with installation or processing of new security products and procedures.

Test for Vulnerabilities

• Conduct periodic scans of networks to find any vulnerability
• Conduct penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party

Monitor for Security Breaches

• Constantly monitor networks and systems for security breaches or intrusions
• Install software that helps notify of intrusions and watch out for irregular system behaviour.

Investigate Security Breaches

• If a breach has occurred, leads incident response activities to minimise the impact
• Lead a technical and forensic investigation into how the breach happened and the extent of the damage
• Prepare reports of findings to be reported to management.

Core skills:

• design new security systems and upgrade existing ones
• use advanced analytic tools to determine emerging threat patterns and vulnerabilities
• engage in 'ethical hacking', for example, simulating security breaches
• identify potential weaknesses and implement measures, such as firewalls and encryption
• investigate security alerts and provide incident response
• monitor identity and access management, including monitoring for abuse of permissions by authorised system users
• monitor for attacks, intrusions and unusual, unauthorized or illegal activity
• test and evaluate security products
• monitor and respond to 'phishing' emails and 'pharming' activity
• direct experience with anti-virus software, access management, vulnerability management, intrusion detection, firewalls and content filtering
• experience with CyberEssentials, ISO27001 and PCI-DSS
• DNS, DMARC, SPF, DKIM
• experience designing secure networks, systems and application architectures on prem and cloud based
• Professional experience in a system administration role supporting multiple platforms and applications
• keep up to date with the latest security and technology developments
• research/evaluate emerging cyber security threats and ways to manage them
• knowledge of disaster recovery, computer forensic tools, technologies and methods
• liaise with stakeholders in relation to cyber security issues and provide future recommendations
• generate reports for both technical and non-technical staff and stakeholders
• knowledge of risk assessment tools, technologies and methods
• assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
• give advice and guidance to staff on issues such as spam and unwanted or malicious email
• Ability to communicate network security issues to peers and management
• Ability to read and use the results of mobile code, malicious code, and anti-virus software
• Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention

Knowledge, skills and experience required

• To proactively implement, update, maintain, manage, monitor, and support enterprise network and systems infrastructure
• To mentor and lead other technical engineers and technical personnel 
• Experience planning, researching, developing & communicating security policies, standards and procedures
• To lead/facilitate meetings and conduct presentations to technical and business staff
• To communicate technical concepts and proposals into understandable and justifiable business initiatives
• To participate in the definition of specific technical design, product selection, device standardization
• Be aware of key business objectives and ensure these are applied appropriately to all business activities
• Develop effective relationships
• Able to anticipate and understand customer expectations, and ensure customer requirements are met and expectations appropriately managed
• Able to build partner relationships with customers and focus on solving their problems.
• Effective communication skills suitable for the management of and liaison with departmental staff and senior management, both on a one to one and one to many basis
• Demonstrate effective communication, both orally and in writing, with peers, colleagues, clients and customers including producing reports, preparing, organising and delivering presentations using appropriate tools and techniques, and taking a leading role in meetings and discussions.
• Effective at determining a course of action by breaking it down into smaller steps and by planning and resourcing each of these, making allowance for potential problems
• Must manage the field of responsibility within allocated budgets and be able to plan and forecast future budgets based on business priorities.
• Awareness of BPP strategy, policies and procedures. Aware of how the organisation operates.
• Able to contribute effectively towards the objectives of a team, and be able to share knowledge, ideas and information
• Aware of the needs, objectives and constraints of those in other disciplines and functions
• Able to solve problems in a measured and creative way
• Capable of independently assessing a wide variety of tasks and be proactive in relation to identifying and undertaking activities that are to the benefit of the business
• Able to balance long and short-term objectives and understand business value. Be responsible for own decisions.
• Act in a professional manner and exhibit the required behaviour that should act as an example to other employees
• Able to network throughout the wider IT community.
• Undertake tasks with a positive attitude and respond well to management and client requests.
• Must be prepared to meet business goals and respond well to change.
• Azure, AWS, On prem
• Tenable, Nessus, Bluecoat, Checkpoint, Cisco, Meraki, Windows, Linux, NetAPP, f5
• Extensive experience in a similar role
• CISSP Certification
• AWS Certified Security – Speciality
• Azure Security Engineer Associate
• ITIL Foundation

Information Security Engineer