Senior Cyber Security Engineer
Our client's Cybersecurity Engineering team is responsible for the architecture, design and delivery of the cybersecurity capabilities for the company. The Cybersecurity Engineering team reports to the CISO.
They are looking for an enthusiastic Senior Cybersecurity Engineer who will architect, engineer and own specific cybersecurity capabilities through their lifecycle, ensuring the group is secure and resilient to cyber threats. The team works in close partnership with the wider Cybersecurity team and other technology and business teams.
The role holder will have a strong understanding of modern attacker techniques, tools and procedures balanced with experience in modern implementable approaches to engineering cyber defence solutions.
The ideal candidate will have the following traits:
- Critical thinker who asks pertinent questions.
- Proactive mindset; takes the initiative to push deliveries forward.
- Passion for continuous learning and development; looks for new approaches to solving challenges.
- Values collaboration and knowledge sharing.
- Attention to detail.
- Ability to work well under pressure and when ambiguity is present.
- Leads through influence.
- Advocates for best practice and the right outcomes.
- Strong verbal and written communication skills, with ability to communicate technical information to non-technical stakeholders in a concise manner.
- Values incremental gains over large infrequent deliveries.
Key responsibilities of the role:
- Define the architecture and design of specific cybersecurity capabilities.
- Develop and own the roadmap for the specific domain area(s).
- Contribute to the group cybersecurity strategy.
- Lead on the delivery of cybersecurity control project(s) for the domain area.
- Drive change projects and the build of new capabilities and processes.
- Own the control and any configurations related to cybersecurity.
- Author and/or contribute to related policies, standards and architecture patterns.
- Ensure all cybersecurity capabilities are appropriately documented and service transitioned with all necessary artefacts completed.
- Develop key indications and analysis to continually evidence control effectiveness in the group.
- Manage third parties and others in their deliveries.
- Potentially manage a small number of resources.
- Ensure the maximum value is exploited from solutions and optimal configurations are in place for the specific operating and threat environments.
Technical Experience and Knowledge:
- Broad experience of technology domains. Quick to assimilate new concepts and technologies.
- Architecture and engineering experience of layered security capabilities.
- Clear & concise documentation skills tailored to the target audience.
- Defining of processes to support administrative or technical control.
- Security and architecture-specific technical accreditations such as OSCP, CISSP, TOGAF, GIAC or those relevant to the specific domain of expertise.
- Strong understanding of the tools, techniques and procedures used by adversaries to breach and progress compromises within organisations, ideally from direct experience.
- Flexible in approach, adapting plans and strategies to help manage risks around ambiguity.
- Engineering sustainable solutions and processes for the long term.
- Familiarity with NIST CSF, CIS Framework.
Specific Domain Knowledge & Experience:
The role holder will have the following specific domain knowledge and experience:
- Strong experience of service provider, enterprise and cloud networking technologies, ideally having deep network design, engineering and operations experience.
- Network & host-based SDN solutions including container networking.
- Application delivery controllers, load balancing and web application firewalls.
- Network security technologies, for example, firewall, intrusion prevention, network behaviour analytics, flow-based analytics, network access control and network discovery.
- Securing Internet-facing systems and services, DNS, content delivery networks, denial of service mitigation and so on.
- Encryption of network communications, line encryptors, VPNs, TLS.
- Proxy services and associated security controls, on-premise and cloud solutions.
- Network segmentation approaches and strategies, micro-segmentation, policy & process design and validation.
- Security integration into network automation pipelines.
- Securing of third party customer/partner/supplier points of connections.
- Authoring of network security standards & guidelines.
Beneficial skills, experience and certifications:
- Financial Services experience, with experience of regulator and relevant industry compliance schemes. A mix of experience outside of financial services, such as at technology-focused companies, is beneficial.
- Experience of working in a managed service provider and associated service catalogues.
- Experience of cloud services, including SaaS and across multiple public clouds.
- Threat modelling and planning for failure.
- Demonstrable experience of having worked in the operations, engineering and architecture domains during your career.
- Incident investigation and response experience.
- Competent with one or more programming/scripting languages (e.g. Python, PowerShell, Java, C#, Go).
- Modern engineering practices, agile practices, automation and deployment pipelines.