Security Operations Engineer

Posted 21 September by Jobheron
Easy Apply

Register and upload your CV to apply with just one click

An experienced, qualified Security Operations Engineer is needed by this leading provider of digital transformation software solutions to be based in their York HQ.

About the role, here's a taste of what you'll be doing..

  • Monitoring client security infrastructure, identifying and reporting Real Time attacks and vulnerabilities on the client network.
  • Identification of incidents and subsequent analysis and investigation to determine their severity and the response required.
  • Ensure that incidents are correctly reported and documented in accordance with government policy and procedures.
  • Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
  • As required update Protective Monitoring/SOC documentation, processes and procedures and ensure currency.
  • Provide on job training to develop junior members of the SOC team.
  • Design and implement technical security controls and act as a Security Expert on the Change Control Board.
  • Management frameworks (ISO 270x, ITIL, COBIT, NIST or CIS)
  • Implement and manage processes to operate within a Managed Security Operations Centre
  • IDS/IPS and WAF policies/rules administration and maintenance.
  • Knowledge of Azure security and networking configurations eg security groups, subnets and routing tables

About you..

  • Have Security Tool Administration experience as well as experience of building and maintaining security systems, as well as a thorough understanding of the latest security principles, techniques and protocols.
  • Have a solid understanding of security technologies at an SME level and good understanding of SOC tooling.
  • Firewall Management (Palo Alto; Sophos; Checkpoint). Qualified desirable.
  • Commercial experience within the information and cyber security domain. Hands on experience in IT system administration, network administration, security operations centre would be advantageous
  • Knowledge of SIEM / Log Aggregators (Splunk, IBM QRadar, LogRhythm, Darktrace, Generic Syslog) Tools & Processes
  • Working knowledge of patch management, anti-malware, APT, identity and access control management tool sets and knowledge of vulnerability/ compliance a nice to have!
  • Experience and knowledge of OSI layers and TCP/IP troubleshooting techniques.
  • Experience with Firewall and VPN techniques and protocols. Site to site and SSLVPN design concepts and implementations.
  • Excellent interpersonal and communication
  • Change Request and Management understanding
  • Scripting, system integration including API use
  • Understanding of security tools, frameworks, standards and their domains
  • Worked within a SOC, NOC, or other Technical Service or Infrastructure Team

If this sounds of interest please click APPLY for consideration.


IND123

Reference: 40935601

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job