My Governmental Body client, based in central London, is seeking to recruit a Security Operations Engineer on an initial 6-month contract at a day rate of 500-600.
You are part of the Security Operations team, providing expert hands-on cyber security support to our technology systems. Your work provides constant vigilance against cyber security attacks on our systems, and effective response when attacks are detected. You are always working to find better ways to defend and protect our systems and users.
As a Security Operations Engineer, you will work with product and project teams to automate common, repeatable tasks to improve the cyber security around some of our most important datasets and services. You will spend much of your time working closely with these operational teams, taking on security tasks, ensuring good practices are being followed from a security perspective, and providing feedback to cyber security risk managers and other system defenders on areas where risks are changing.
- Working closely with operational teams to ensure that vulnerability management good practices are followed, and that code is developed and deployed securely, avoiding common pitfalls.
- Supporting automated and manual security testing of our deployed infrastructure and applications and managing the findings from these tests.
- Development and automation of security capabilities for the product and operational teams you are working with. Ensuring emerging security threats are promptly addressed or escalated for wider remediation and sharing of good security practices.
- You will take a proactive role in securing the digital environment to ensure effective root-cause and trend analysis of security threats and issues. As part of the role you will be expected to investigate anomalous activity and support incident resolution with the service.
- You will liaise effectively with interested stakeholders to ensure that lessons are learned and will communicate threats to aid continuous information assurance. You will challenge and propose changes to existing processes to make them more effective at delivering services securely.
The essential skills and experience required are:
- Experience in threat and vulnerability management, application security, and using analytic skills to understand the security implications of events within a system.
- In-depth understanding of the methods of cyber security attack on modern systems and how these can be detected in an enterprise and/or digital environment.
- Knowledge of the concepts of information security, and of current and emerging IT security, data protection and information risk principles and technologies. Broad knowledge of security controls and how they can be applied in a traditional IT environment and cloud-based systems.
- Knowledge of security monitoring, prevention and control systems including but not limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions. Knowledge of penetration testing and related disciplines.
- Effective communication skills, particularly during incidents and events, to ensure pragmatic and informed decisions are made.
- Experience of security automation using scripting languages, such as Perl, Python, Ruby, and/or Bash as well as configuration of infrastructure with code automation (e.g. Atlassian tools, Ansible, Puppet, or Chef).
- Experience with version control software and job execution tools, such as Git, GoCD, Octopus, Jenkins, RunDeck, SaltStack.
- Experience with cloud platforms to include virtualization, containerisation and orchestration technologies, such as AWS, Azure, Docker, Kubernetes, etc.
- Experience of secure coding and testing across a variety of tools (static, dynamic, and both automated and manual) and vulnerability management.
- Knowledge of security architectures, in particular for modern digital services, including how they are developed and operated at scale.