Cyber Security Engineer - Red Team
About the Company
The company is a diversified international food, ingredients and retail group operating in 50 countries. Whilst some companies claim to be ‘the best thing since sliced bread’, this company actually is! In the 1930s they introduced sliced bread to the UK for the first time.
The Security Operations Team provides a suite of operationally focused services to Shared Service Centre businesses. Our SOC is at the heart of that provision, providing detection and response services that quickly identify and effectively respond to cyber threats.
Reporting to the Security Operations Manager, the Cyber Engineering function performs two key roles: to act as a point of escalation, dealing with threats that are not handled by our current operational systems/playbooks, and to ensure any technology, process, or knowledge gaps are remedied for future incidents so we can continue to improve our service.
This role focuses specifically on the tool set used by our operational teams, ensuring the tools are fit for purpose and configured to provide optimum detection and prevention capabilities. To achieve that, the role involves taking an ‘attacker’s view’ of cyber security, helping us better understand how to defend our estate by assessing it from an attacker’s perspective.
We are highly committed to enabling our business to operate safely and efficiently. Our Cyber Engineering team play a key role in defining how we achieve those goals.
- Owning the cyber security tool roadmap, collating and triaging requirements and ensuring delivery.
- Responsible for the upkeep and continued enhancement of internal-facing tools such as log management, automation/orchestration and case management tools.
- Continuous improvement of our security posture.
- Keep abreast of advances in attack techniques, tactics and tools.
- Work with the defensive team (as a purple team) to synthesize attacks and test defences.
- Work with our Managed Security Service Provider to ingest and act on threat intelligence and vulnerability assessment data.
- Ownership of our OS images from a security perspective.
- Assesses new vendor patches and works with our client architects to build security into our images and device standards.
- Works with our Active Defence team to develop technology and processes so that we can minimise the lead time to install patches based on criticality.
- Mentoring more junior members of the team, and other tiers of the SOC.
- Managing security incidents in the role of Incident Commander.
- Building relationships with Business Unit security and operations teams.
- Identifying inefficiencies and working to improve the effectiveness and quality of the service we offer.
- Previous experience of working within a security function.
- Experience of managing and tuning a log management platform in a large enterprise environment.
- Experience of performing penetration testing activities.
- Bachelor's degree in Computer Science or related field, or equivalent work experience.
- 3 years’ work experience in Information Technology.
Knowledge & Experience
- In-depth Windows Operating System experience and system internals knowledge.
- Experience of operational management of tools in a large multinational environment.
- Knowledge and experience of using penetration testing or OSINT tools.
- Demonstrable knowledge of attack groups and their techniques, tools and tactics.
- Familiarity with commonly deployed security technologies, such as SIEM tools, Firewalls, Intrusion Prevention Solutions, Internet Proxy Servers, Data Loss Prevention, Endpoint Detection and Response tools, Antivirus and Email filtering.
- Knowledge of application development/DevOps.
- A passion for development and security, and an enthusiasm to learn and share knowledge.
- Curious and tenacious, with a determination to get to the root of an issue.
- Proven analytical and problem-solving abilities.
- Excellent written and oral communication skills.
- Excellent interpersonal skills.
- Highly self-motivated and directed.
- Ability to effectively prioritise and execute tasks in a high-pressure environment.
- Exceptional customer service orientation.
If you are interested in hearing more about this opportunity or would like to apply then please contact Jonny Duggan on 01908 886 038 or email firstname.lastname@example.org.