Cyber Security Engineer– Blue Team
Salary: £50k basic + package
Our client is a diversified international food, ingredients and retail group operating in 50 countries. Whilst some companies claim to be ‘the best thing since sliced bread’, this company actually are! In the 1930’s they introduced sliced bread to the UK for the first time.
The Security Operations team provides a suite of operationally focused services to our clients Shared Service Centre businesses. Their Security Operations Centre is at the heart of that provision, providing detection and response services that quickly identify and effectively respond to cyber threats.
Reporting to the Security Operations Manager, the Cyber Engineering function performs two key roles; to act as point of escalation, dealing with threats that are not handled by our current operational systems/playbooks, and ensuring any technology, process, or knowledge gaps are remedied for future incidents so we can continue to improve our service.
This role specifically focuses on defense and incident response, investigating the unknown and developing new techniques to increase our detection capability. For more in-depth investigations, the role would include detailed analysis of forensic artifacts, and where necessary, working with our external Incident Response partners.
We are highly committed to enabling our business to operate safely and efficiently. Our Cyber Engineering team play a key role in defining how we achieve those goals.
- Sourcing, maintaining and enhancing a toolset for advanced collection and analysis of artefacts (such as memory and disk images)
- Ownership of the cyber security lab
- Ownership of the Incident Response process, ensuring we can effectively handle incidents across our diverse IT estate, on premise and in the cloud
- Ownership of the technology stack and processes supporting detection and response; from logging to case management
- Continuous improvement of our security posture
- Keep abreast of advances in defensive techniques, tactics and tools
- Works with the offensive team (as a purple team) to synthesize attacks, and test defences
- Working with our Managed Security Service Provider to ensure their service generates timely and accurate alerts to security events
- Mentoring more junior members of the team, and other tiers of the SOC
- Managing security incidents in the role of Incident Commander
- Building relationships with Business Unit security and operations teams
- Identifying inefficiencies and working to improve the effectiveness and quality of the service we offer
Why this role/company?
- Opportunity to work for a global organisation and recognised household brands
- Operational hours 8-6pm (flexibility required)
- Up to 10% annual bonus
- Annual Pay Review
- Access to E-learning platform
- Excellent and Supportive working environment
- 25 days annual leave + bank holiday
- Cycle to work scheme
- Previous Experience of working within a security function
- Experience of managing and tuning a log management platform in a large enterprise environment
- Experience of leading Incident Response activities
- Bachelor's degree in Computer Science or related field, or equivalent work experience
- 3 years’ work experience in Information Technology
For more information, or if you’re interested in having an informal chat regarding the role please contact Thom Taylor on 01908 030131 or email@example.com