Detection Team Engineer

Please note this role can be Hybrid or Remote subject to location.

Detection Team Engineer (Cyber Security)

We are seeking to appoint an energetic Cyber Security Engineer based out of the UK to join our InfoSec Detection Team.  As a member of this team you will report directly to the Detection Team Lead and provide valuable security guidance threat hunting and incident response capabilities as well as enforce security best practices throughout NEC.

In this role you will collaborate closely with the Detection Team Response Team and Architects within the group.  Your responsibilities will involve a diverse range of duties aimed at developing and maintaining NEC security posture in line with government guidance and our accreditations. Drawing on your comprehensive understanding of the threat landscape you will leverage your expertise to advise on investigate and remediate complex security risks and issues across the business with a strong focus on root cause analysis (RCA).

Key Responsibilities

• Collaborate with Detection Team Response Team and Architects to identify assess and conduct indepth investigations on areas of interest highlighted through our various reporting mechanisms such as XDR SIEM Proxy solutions Email Threat platform Application Delivery Controllers (ADCs) Vulnerability Scanning Solutions and Security Bulletins.
• Monitor and investigate security events and alerts prioritising risk and taking necessary actions to promptly remediate operational security risks.
• Support investigations and incident response scenarios as directed by the Team Lead.
• Learn and contribute to the maintenance and development of our Privileged Access Management (PAM) platform:  requires some knowledge of XML Python and RegEx.
• Work closely with Security Architects to deliver new security capabilities and ensure ongoing security enforcement and compliance.
• Familiarise yourself with ITIL processes including change problem and incident management.
• Maintain the NCSCs Cyber Security Essentials Plus accreditation.

Desired Qualifications and Skills

• Extensive handson experience with a variety of technologies and appliances particularly SIEM WAFs PAM Windows Linux and hypervisor platforms.
• Public cloud awareness and ideally practical knowledge of maintaining a secure public cloud.
• Knowledge of UK government cyber security guidance is desirable.
• Proficiency in securing auditing and maintaining public and cloud implementations.
• Experience managing enterprise security products including AntiVirus Data Loss Prevention tools Endpoint Protection and Identity Management.
• Strong understanding of the attack chain advanced persistent threats and the evolving threat landscape.
• Ability to perform controlled malware analysis and scripting on Windows and Linux platforms is advantageous.
• Minimum of five years experience in systems infrastructure security operations or senior IT support roles.
• Previous experience in a Security Operations Centre (SOC) or as part of a Security Team is desirable.
• A strong commitment to continuous learning developing new skills and sharing knowledge including dedicating study time outside of working hours for career advancement.
• Excellent team working skills with clear and professional communication coupled with a customer serviceoriented approach.
• Selfmotivated with the ability to work independently and deliver highquality results.
• Must possess or be eligible to obtain security clearance to MOD SC and NonPolice Personnel Vetting Level 3 (NPPV).

Join our dynamic team and contribute to maintaining a robust and secure environment while advancing your cyber security career.

Potential opportunities from this role

The security team within NEC is continually growing and the successful candidate will have the potential to progress into other security roles in the future.

Preemployment checks required

• Baseline Standard and Disclosure Scotland (BPSS).
• On employment the candidate must be able to achieve and maintain Security Clearance.

Other important information

Candidates must be able to demonstrate a preexisting right to work and travel within the EU.  Documentary evidence will be requested at interview.  A Basic Disclosure will also be required.
Occasional travel to other NEC offices (other than a designated base) may also be required.

Qualifications :

Demonstrable Expereince in an IT role with a strong understanding of security concepts / fundamentals.

Essential:

• Excellent understanding of core systems including all versions of Windows Client / Server and Hypervisor  technologies (ESXI HyperV etc)
• Operation of SIEM / XDR solutions
• Managing enterprise AntiVirus and Malware platforms
• Basic networking fundamentals (i.e. DNS DHCP routing and firewall rules)
• Basic Red Hat Linux (RHEL) / Oracle Linux knowledge

Desirable:

• Basic Static / Dynamic Malware Analysis skills (using tools such as: Sysinternals PEStudio CyberChef API Monitor NodeJS Powershell IDE UPX Wireshark and BurpSuite)
• LogRhythm / Splunk (SIEM platforms in general)
• Trend Micro suite of applications
• Nessus / Vulnerability scanning software
• Managing a PAM solution
• Pulse Secure Traffic Manager (Brocade)
• Web Application Firewall technologies
• Understanding of ITIL framework
• Understanding of CE

Personal Skills & Competences

Essential:

• Someone who enjoys taking on new challenges and has the desire to learn new skills and technologies
• Great communication skills
• Analytical / Strong problemsolving skills
• Works well within a team with the ability to work independently when required

Desirable:

• The ability to learn new skills quickly
• Evidence endtoend findings from an investigation timeline and trace back to patient zero

Additional Information :

We pride ourselves in offering an excellent benefits package including an above average pension scheme. When you join the team at NEC Software Solutions you are provided with the following:

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost) 
• 25 days paid holiday with the option to buy/sell 
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A selection of flexible benefits to suit your individual needs 

Candidates must be able to demonstrate a preexisting right to work and travel within the UK. Documentary evidence will be required.

All offers are subject to satisfactory vetting and reference checks. Depending on the nature of the role a Disclosure Barring Service (DBS) check may also be required.

NEC Software Solutions is an equal opportunities employer welcoming applications from all communities. If you require any reasonable adjustments or have specific accessibility needs during the recruitment or interview process please feel free to share these with us. We are committed to ensuring an inclusive and accommodating experience for all candidates.

Who We Are:

Were NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad our software is helping to dispatch ambulances support families keep trains on the move locate missing people and even test the hearing of newborn babies.

Working with us youll be helping our 3000 employees push the boundaries of whats possible and support amazing public services.

We work with governments hospitals police forces housing providers local authorities and more. We help them pay financial support faster speed up treatments for patients and respond to emergencies in the right way. The more we do the more our customers can do for others. And together we make a world of difference.

Wed love your help. And well support you all the way.

Remote Work :

Yes

Employment Type :

Fulltime