An experienced, qualified Security Operations Engineer is needed by this leading provider of digital transformation software solutions to be based in their York HQ.
About the role, here's a taste of what you'll be doing:
- Monitoring client security infrastructure, identifying and reporting real-time attacks and vulnerabilities on the client network.
- Identification of incidents and subsequent analysis and investigation to determine their severity and the response required.
- Ensure that incidents are correctly reported and documented in accordance with government policy and procedures.
- Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
- Update Protective Monitoring/SOC documentation, processes and procedures as required and keep them current.
- Provide on-the-job training to develop junior members of the SOC team.
- Design and implement technical security controls and act as a Security Expert on the Change Control Board.
- management frameworks (ISO 270x, ITIL, COBIT, NIST or CIS)
- Implement and manage processes to operate within a Managed Security Operations Centre
- IDS/IPS and WAF policies/rules administration and maintenance.
- Knowledge of Azure security and networking configurations, e.g. security groups, subnets and routing tables
- Have Security Tool Administration experience and experience of building and maintaining security systems, plus a thorough understanding of the latest security principles, techniques and protocols.
- Have a solid understanding of security technologies at an SME level and good understanding of SOC tooling.
- Firewall Management (Palo Alto; Sophos; Checkpoint). Qualified desirable.
- commercial experience within the information and cyber security domain. Hands-on experience in IT system administration, network administration, security operations centre would be advantageous.
- Knowledge of SIEM / Log Aggregators (Splunk, IBM QRadar, LogRhythm, Darktrace, Generic Syslog) Tools & Processes
- Working knowledge of patch management, anti-malware, APT, and identity and access control management tool sets; knowledge of vulnerability/compliance is a nice to have!
- Experience and knowledge of OSI layers and TCP/IP troubleshooting techniques.
- Experience with firewall and VPN techniques and protocols, including site-to-site and SSL VPN design concepts and implementations.
- Excellent interpersonal and communication
- Change Request and Management understanding
- Scripting, system integration including API use
- Understanding of security tools, frameworks, standards and their domains
- Worked within a SOC, NOC, or other Technical Service or Infrastructure Team
If this sounds of interest, please click APPLY for consideration.
32,000.00 - 48,000.00 per year