Senior Information Security Engineer

• Develop and implement security strategies and plans
  
• Manage and maintain security infrastructure
  
• Conduct security risk assessments and audits
  
• Investigate and respond to security incidents
  
• Train and educate employees on security best practices
  
• Stay uptodate on the latest security threats and trends
  
• Work closely with the Engineering Application Support Cloud Support and various Business Teams to improve existing security monitoring and deliver resilient and comprehensive security solutions
  
• Onboard data to the required standards maintain and tune log sources data contents and use cases
  
• Provide evidence of compliance for our audited environments (including PCI ISO27001 ISAE3000 etc)
  
• Define how logs should be parsed and ingested for best practice
  
• Engage with other teams to ensure that the SIEM is performing to standard with all necessary logging sources monitored
  
• Analyse design and deliver solutions to detect and stop adversaries
  
• Propose additional Security Monitoring Use Cases
  
• Define thresholds and baselines to aggregate similar events then write correlation rules
  
• Ensure SIEM technologies are integrated & utilized to protect cyberrelated assets
  
• Support the operation of the comprehensive SIEM platform
  
• Analyse SOC alert statistics and workflows to reduce false positives and increase fidelity.
  
• Manage and improve SIEM infrastructure to improve detection flexibility and reliability.
  
• Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
  
• Research new security technologies
  
• Support relationships with 3rd party vendors to enhance monitoring
  
• Contribute to requirements for other security (and allied) technologies such as Endpoint/Network Detection & Response Intrusion Detection/Prevention Web Proxies etc
  
  

Requirements

• Bachelors degree in computer science information security or a related field
  
• 5 years of experience in cybersecurity
  
• Strong understanding of cybersecurity best practices
  
• Proven track record of success in implementing and managing security solutions
  
• Excellent communication and interpersonal skills
  
• Ability to work independently and as part of a team
  
• Seniorlevel experience within a logging and monitoring function with functional knowledge of a Security Operations Centre preferably within a Regulated Financial Services business
  
• Familiar with different log onboarding techniques in Splunk including Syslog HTTP event Universal Forwarder DB Connect and API queries
  
• Has the ability to write SPL and use and populate data models
  
• Previous experience in an audited environment complying with common regulation standards
  
• Experience with other common Security Monitoring Technologies
  
• Knowledge of global security and reporting standards such as NIST and MITRE
  
• Common cloudbased platform technology experience is beneficial
  
• Delivery mindset supported by the ability to execute in a complex technical environment
  
• Experience collaborating crossfunctionally to identify and implement best practice security logging and monitoring processes
  
• Strong interpersonal skills including good communication with the ability to articulate ideas in a precise and concise manner
  
• CISSP GIAC certifications or equivalent
  
• Familiarity with Indicators of Compromise (IoCs) Indicators of Attack (IoAs) ATT&CK Tools Techniques and Procedures (TTPs)
  
• Strong interpersonal skills including good communication with the ability to articulate ideas in a precise and concise manner
  
• The ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fastpaced collaborative team environment
  
• Flexible to provide oncall support 24/7 in the future if required
  
  

Benefits