Senior Systems Engineer
Occasional out-of-hours work required, paid at time and a half
Do you want to be part of a consultancy at the cutting edge of information security? This company pride themselves on their unique and meticulous approach to helping clients solve their most complex information security challenges.
They are growing rapidly and expanding both their teams and their service range. They now have offices in the UK, Germany, Australia and the US, and are recruiting in the Response team to support the growing business.
What does the Response team do?
The Response Team is regularly involved in Network Compromise Assessments and Incident Response Engagements involving large, complicated environments targeted by very capable malicious actors. The Response Team monitor live networks and investigate previous compromises to understand how an attack unfolded and provide information to the client as to what systems were accessed, what data was stolen, and how to minimise the chances of such attacks in the future.
- Gaining an appreciation for how the Response toolsets are used with a view to continually improving service to users;
- Working with customers to deploy necessary endpoint and networking monitoring tools in the initial stages of an engagement;
- Ensuring the effective running of existing systems, which includes regular maintenance and compliance with necessary regulations;
- Supporting client engagements;
- Maintaining and improving technical services and capabilities.
- This list is not intended to be exhaustive and the incumbent will be expected to take on additional responsibilities as directed by their Line Manager or as dictated by the business needs of the company.
- Engineers in this area are often required to help support consultants by providing technical support on conference calls and occasionally onsite.
- Comprehensive knowledge of Linux administration and application debugging techniques;
- Comprehensive knowledge of at least one scripting language;
- Comprehensive knowledge of common network protocols such as TCP/IP, HTTP, DNS, TLS;
- Good knowledge of network administration (especially Cisco, Arista, and Palo Alto equipment);
- Good knowledge of Windows environments;
- Good knowledge of current and past Information Security threats;
- Good knowledge of IDS principles, their purpose, and an understanding of how they work;
- Good knowledge of SQL database administration;
- Good knowledge of VMware administration and architecture;
- Experience troubleshooting and providing feedback on in-house and third-party provided tools;
- Exceptional problem solving abilities, analysis and communication skills.
- Prior experience with the following toolsets and services is desired, but not strictly required:
- Log analysis frameworks (e.g. ELK, Splunk, LogRhythm);
- Packet capture solutions (e.g. RSA NetWitness, Wireshark, tcpdump);
- IDS solutions (e.g. Firepower, Suricata);
- Endpoint monitoring solutions (e.g. Carbon Black, Falcon);
- Digital forensics (e.g. EnCase, X-Ways).
Additionally, they host a comprehensive bonus scheme and benefits including:
- 25 days annual leave, option to buy up to 5 extra days;
- Company pension scheme, contributory of up to 8%;
- Company share plan;
- Numerous voluntary benefits including Cycle to Work Scheme, Childcare Voucher Scheme, Season Ticket Loan;
- Free eye tests and sabbatical options.
- Employees also benefit from an individually tailored learning and development plan which can include financial support with tuition/exam fees and access to various conference opportunities.
The role is based in our Cheltenham office. Occasional travel is a possibility.
The role may occasionally require the individual to work outside normal business hours.