Cyber Security Engineer - Security Operations - Investment Management

16th November 2021
Permanent | West End & Mayfair
£70k + City Benefits + Bonus

The Security Operations team runs 24/7 on a global basis and you will be the first member of this well-regarded team to be based in the London office. The team has grown from 1 to 5 in the past 2 years and this really is a great opportunity to get in on the ground floor of an ever-expanding remit. This role is offered at Senior Associate level; however, you would be expected to make VP within 2-3 years as you move towards leadership and the mentoring of new team members coming up behind you.

You will be working in the Security Operations team to continuously investigate, monitor and improve the firm's security posture. Working alongside a larger security team, this role is in continuous communication with both the Governance and Architecture teams to protect against current and emerging cyber threats to the organisation.

Security here covers Operations, Architecture and Governance, and this role will give you scope to move around the function or to specialise, as well as the chance for international travel to the other key locations.

We are looking for someone with intelligence, the right attitude and a high degree of integrity.


Experience & Certs

  • 5-7 years' general IT experience
  • 1-3 years in a "cloud first" or mixed cloud / on-premises environment
  • Any relevant certification e.g. CISSP
  • Any industry sector


Job Knowledge, Skills & Abilities

  • Intermediate experience with EDR, EPP and SIEM tools
  • Entry-level experience with SOAR or another automation framework
  • Some knowledge of one or more scripting languages (Python, PowerShell, etc.)
  • Experience managing alert and incident flow in an automated ticketing system such as ServiceNow
  • Experience with data structures, reporting and reporting tools
  • Entry-level understanding of incident response, investigation and InfoSec forensics tools, procedures and methods
  • Creation and fine-tuning of correlation rules within security toolsets
  • Writing and communicating through appropriate channels, with an understanding of incident-handling, regulatory and legal perspectives
  • Awareness of risk, business need and incident context, in order to resolve and escalate incidents as necessary
  • Utilising threat intel to make security monitoring more predictive while adding context to security alerts
  • Threat modelling using MITRE frameworks in the context of a security operations programme


The Job

  • Analysis of security events to confirm real incidents and tune out false positives
  • Acting as escalation point for security-related tickets and incident triage
  • Understanding of information security frameworks such as NIST or CIS
  • Providing feedback on alert and signal data and collaborating with the architecture and engineering teams to constantly optimise signal effectiveness and validity
  • Utilisation of security tools to monitor for security risks and insider threats, including EDR, SIEM, SOAR, NGAV, deception, NAC, IPS and threat intel
  • Acting as liaison between the third-party managed security service provider and internal security resources
  • Assisting with developing ways to automate the security operations response to incidents
  • Mentoring junior members of the team and becoming an advocate for security across all departments


***Fast turnaround and slick interview process***


This client works a hybrid pattern, so you will need to be happy and able to attend the office around 2 days per week if needed.