We have a fantastic opportunity for a Cyber Security/SecOps Engineer to work with our Central Government client on an initial 6-month contract. The Cyber Security Engineer will be responsible for improving the telemetry, processes and tools for the SIEM/Monitoring systems and SOC team. This role requires proven experience with security telemetry, security intelligence, anomaly hunting and incident response.
This role requires an analytical mindset and a deep knowledge of the current and emerging threat landscape. The ability to research a threat or vulnerability and to deliver clear and concise 'actionable intelligence' to mitigate risk is essential.
The Cyber Security Engineer will be expected to understand current network defence technology and to optimize existing, or create new, high-value 'use cases' and rules to defend against the latest threats.
The ability to research threats, create reports and to clearly articulate recommendations to senior members of the team is essential to this role.
As a SecOps Engineer you will be responsible for maintaining and continually improving the security of some of our client's key digital platforms, used by millions of people.
You will work with agile product delivery teams on the secure design, configuration, deployment, testing and management of applications and systems in traditional data center and cloud environments. You will be responsible for automating common, repeatable tasks to improve the cyber security around some of our most important datasets and services.
You will ensure that vulnerability management best practice is followed and that code is
developed securely, avoiding common pitfalls. You will support automated and manual
security testing of our deployed infrastructure and applications, and manage the findings
from these tests.
As a SecOps professional you will drive the development of new security capabilities to
support delivery and ensure that the tools and approaches used are effective. This role will
give you the opportunity to get hands-on and build security into systems.
You will take a proactive role in securing the digital environment to ensure effective root cause and trend analysis of security threats and issues. As part of the role you will be
expected to investigate anomalous activity and support incident resolution with the service.
You will liaise effectively with interested stakeholders to ensure that lessons are learned and
will communicate threats to aid continuous information assurance. You will be required to
challenge and propose changes to existing processes where they do not contribute to the
rapid delivery of a secure service.
Skills and Requirements
- Previous experience working on AWS Security on services (IAM, Cognito, KMS,
- Strong overall AWS knowledge is essential
- Extensive experience with automation using scripting languages, such as Perl,
Python, Ruby, and/or Bash as well as configuration of infrastructure with code
automation (e.g. Atlassian tools, Ansible, Puppet, or Chef).
- Experience with version control software and job execution tools, such as Git, GoCD,
Octopus, Jenkins, RunDeck, SaltStack.
- Experience with cloud platforms to include virtualization, containerisation and
orchestration technologies, such as AWS, Azure, Docker, Kubernetes, etc.
- Experience of secure coding and testing across a variety of tools (static, dynamic,
and both automated and manual) and vulnerability management.
- Communicating risk in a clear manner to inform business decisions
- Deep knowledge of networking, infrastructure and applications
- Experience with agile and continuous development methodologies, including the
practices, platforms and tools which support them
- Polyglot technologist with the ability to quickly learn, adapt and use different
technologies, including but not limited to Cloud platforms and protective monitoring
- Broad knowledge of security controls and how they can be applied in a traditional IT
environment and cloud-based systems
- In-depth understanding of the methods of technical attack and how these can be
detected in a digital environment
- Knowledge of the concepts of information security, and of current and emerging IT
security, data protection and information risk principles and technologies.
- Knowledge of security monitoring, prevention and control systems including but not
limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions