Information Security Engineer
- Full Time
Closing date: 20/11/2019
Employment type: Permanent
Department: Group IT - IT Operations
London, office based, with travel throughout the UK & Channel Islands
The InfoSec Engineer will be an integral part of the Infrastructure Team, planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
The InfoSec Engineer will define, implement, uphold and maintain security standards, safeguarding the infrastructure and resources and supporting day-to-day operations, along with current and future project initiatives.
Develop Information Security Plans and Policies
- Help plan and carry out information security strategy
- Develop a set of security standards and best practices, and recommend security enhancements to management as needed
- Develop strategies to respond to and recover from a security breach
- Responsible for educating the workforce on information security through training and building awareness
- Install and use software, such as firewalls and data encryption programs, to protect organizations’ sensitive information.
- Assist computer users with installation or processing of new security products and procedures.
Test for Vulnerabilities
- Conduct periodic scans of networks to find any vulnerability
- Conduct penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party
Monitor for Security Breaches
- Constantly monitor networks and systems for security breaches or intrusions
- Install software that helps notify of intrusions and watch out for irregular system behaviour.
Investigate Security Breaches
- If a breach has occurred, lead incident response activities to minimise the impact
- Lead a technical and forensic investigation into how the breach happened and the extent of the damage
- Prepare reports of findings for management.
- design new security systems and upgrade existing ones
- use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- engage in 'ethical hacking', for example, simulating security breaches
- identify potential weaknesses and implement measures, such as firewalls and encryption
- investigate security alerts and provide incident response
- monitor identity and access management, including monitoring for abuse of permissions by authorised system users
- monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- test and evaluate security products
- monitor and respond to 'phishing' emails and 'pharming' activity
- direct experience with anti-virus software, access management, vulnerability management, intrusion detection, firewalls and content filtering
- experience with Cyber Essentials, ISO 27001 and PCI DSS
- DNS, DMARC, SPF, DKIM
- experience designing secure network, system and application architectures, both on-prem and cloud-based
- Professional experience in a system administration role supporting multiple platforms and applications
- keep up to date with the latest security and technology developments
- research/evaluate emerging cyber security threats and ways to manage them
- knowledge of disaster recovery, computer forensic tools, technologies and methods
- liaise with stakeholders in relation to cyber security issues and provide future recommendations
- generate reports for both technical and non-technical staff and stakeholders
- knowledge of risk assessment tools, technologies and methods
- assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- give advice and guidance to staff on issues such as spam and unwanted or malicious email
- Ability to communicate network security issues to peers and management
- Ability to read and use the results of mobile code, malicious code, and anti-virus software
- Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention
Knowledge, skills and experience required
- To proactively implement, update, maintain, manage, monitor, and support enterprise network and systems infrastructure
- To mentor and lead other technical engineers and technical personnel
- Experience planning, researching, developing & communicating security policies, standards and procedures
- To lead/facilitate meetings and conduct presentations to technical and business staff
- To communicate technical concepts and proposals as understandable and justifiable business initiatives
- To participate in the definition of specific technical design, product selection, device standardization
- Be aware of key business objectives and ensure these are applied appropriately to all business activities
- Develop effective relationships
- Able to anticipate and understand customer expectations, and ensure customer requirements are met and expectations appropriately managed
- Able to build partner relationships with customers and focus on solving their problems.
- Effective communication skills suitable for the management of and liaison with departmental staff and senior management, both on a one to one and one to many basis
- Demonstrate effective communication, both orally and in writing, with peers, colleagues, clients and customers including producing reports, preparing, organising and delivering presentations using appropriate tools and techniques, and taking a leading role in meetings and discussions.
- Effective at determining a course of action by breaking it down into smaller steps and by planning and resourcing each of these, making allowance for potential problems
- Must manage the field of responsibility within allocated budgets and be able to plan and forecast future budgets based on business priorities.
- Awareness of BPP strategy, policies and procedures. Aware of how the organisation operates.
- Able to contribute effectively towards the objectives of a team, and be able to share knowledge, ideas and information
- Aware of the needs, objectives and constraints of those in other disciplines and functions
- Able to solve problems in a measured and creative way
- Capable of independently assessing a wide variety of tasks and be proactive in relation to identifying and undertaking activities that are to the benefit of the business
- Able to balance long and short-term objectives and understand business value. Be responsible for own decisions.
- Act in a professional manner and exhibit the required behaviour that should act as an example to other employees
- Able to network throughout the wider IT community.
- Undertake tasks with a positive attitude and respond well to management and client requests.
- Must be prepared to meet business goals and respond well to change.
- Azure, AWS, on-prem
- Tenable, Nessus, Blue Coat, Check Point, Cisco, Meraki, Windows, Linux, NetApp, F5
- Extensive experience in a similar role
- CISSP Certification
- AWS Certified Security – Specialty
- Azure Security Engineer Associate
- ITIL Foundation