Senior Infrastructure & Security Engineer

Harris


Job Location:

Swindon - UK

Monthly Salary: Not Disclosed
Posted on: 2 days ago
Vacancies: 1 Vacancy

Job Summary

Commerce Decisions part of Harris Computer Companyare currently seeking an experienced Senior Infrastructure & Security Engineer on a full-time permanent basis operating on a remote working model.

Commerce Decisions is part of Harris. Harris strategy focuses on acquiring software businesses strengthening and managing them well and growing them for the future. Our companies provide mission-critical software solutions to a global customer base across various vertical markets. We are part of Constellation Software Inc. (TSX: CSU) one of the worlds most active acquirers of software businesses.

Role Responsibilities

Infrastructure & cloud operations

  • Design implement and run cloud infrastructure across Azure and Oracle Cloud (OCI) spanning the UK and Canada for high availability scalability and security.

  • Administer a mixed Linux and Windows server estate plus Docker and Kubernetes workloads.

  • Own deployment of monthly SaaS releases updates and patches into Staging internal and hosted customer environments (Dev produces the release package).

  • Light MySQL maintenance: version upgrades backup monitoring replica health checks and tuning improvements.

  • Manage internal IT assets and users via ManageEngine; monitor staff device patch status.

  • Maintain internal servers and QA/test environments.

  • Investigate and resolve infrastructure issues and bugs supporting the wider engineering team.

Automation & modernisation (50% of the role)

  • Lead the migration of manually-built Oracle Cloud environments onto Terraform and Ansible with proper change management.

  • Partner with Development to identify and build automation that improves releases and deployment. A key future initiative is building an installer to deploy updates remotely to self-hosted customers replacing the time-consuming costly on-site visits.

  • Drive automation and modernisation as a continuous theme treating infrastructure-as-code as the living source of truth for infrastructure state.

Security engineering

  • Patch management across the estate.

  • Maintain and improve hardened environments to CIS benchmarks youll lead the technical hardening standards and drive their implementation.

  • Threat-horizon monitoring: track IT news vendor advisories CVE feeds NCSC and similar for issues relevant to our stack and drive remediation.

  • Operate security tooling (CrowdStrike ESET Rapid7 or equivalents): deploy agents ensure coverage and updates monitor dashboards and triage and analyse alerts.

  • Coordinate penetration tests end-to-end and own scoping as the person with the deepest knowledge of our exposed attack surface through execution triage remediation and evidencing closure.

  • Author and review customer security questionnaires and bid responses about our hosting environments and security controls.

  • Provide technical evidence and implement controls in support of ISO 27001 and Cyber Essentials Plus; occasionally contribute to MOD-aligned security responses (e.g. JSP 440 Secure by Design).

Networking

  • Hands-on (and IaC) with Cloud based load balancers SSL certs & ciphers WAFs (configuration and management) security headers network security groups and VPNs.

Resilience & business continuity

  • Capacity monitoring and resilience planning; design for high availability and scalability (Kubernetes and similar) in collaboration with Development.

  • Lead disaster-recovery and business-continuity capability: design it test it regularly and automate backup/restore and failover wherever possible.

  • Build and maintain alerting and observability so the right people can see what they need consolidating and improving across Grafana/Loki (application logs) ManageEngine log analytics (server logs) and PRTG (server sensors).

Documentation & operating rhythm

  • Maintain infrastructure-as-code as the primary record of infrastructure state supported by clear runbooks operational processes and decisions in Confluence and Jira.

  • Weekly tracking of work in progress and incoming work.

The successful candidate will have these skills and experience:

  • Collaboration closely with R&D and Customer Support and Success teams to ensure the best outcomes for our customers

  • Strong hands-on infrastructure/IT operations background across a mixed estate.

  • Production experience with at least one major public cloud (Azure AWS OCI or GCP) and a strong grasp of the underlying concepts.

  • Practical experience with Terraform Ansible or similar in production.

  • Confident administering both Linux and Windows servers.

  • Solid understanding of containers and orchestration Kubernetes in particular.

  • Demonstrable networking skills: load balancers WAFs VPNs security headers network security groups.

  • Practical security operations: patching hardening (e.g. to CIS) vulnerability management and operating endpoint/threat tooling and acting on what it surfaces.

  • Experience coordinating penetration tests and driving triage and remediation through to closure.

  • Experience designing for resilience high availability and business continuity (backup/restore DR regular testing).

  • Strong analytical and logical troubleshooting root-cause discipline youll work methodically and effectively under pressure knowing when to escalate.

  • Genuine curiosity for emerging tools and technologies including AI and the confidence to adopt them and push improvements forward.

  • Clear written communication youll draft answers to customer security questions and contribute technical evidence to audits.

  • Eligible for and able to obtain UK SC clearance (broadly: UK residency for a defined recent period). Clearance is mandatory to access our hosted systems; we sponsor the process.

Desirable Skills & Experience

  • Active SC clearance at point of hire.

  • Hands-on Oracle Cloud Infrastructure (OCI).

  • Direct experience with the specific security tooling: CrowdStrike ESET Rapid7.

  • Octopus Deploy.

  • ManageEngine.

  • MySQL administration.

  • Observability stacks: Grafana/Loki PRTG.

  • Experience migrating manually-built environments to infrastructure-as-code.

  • Direct experience with ISO 27001 Cyber Essentials Plus and MOD frameworks (JSP 440 Secure by Design).

  • Prior experience in a defence government or other regulated/secure environment.

Location

UK Based.

Travel required to company offices events customer sites partner sites conferences industry events corporate events etc. as necessary

Benefits

Harris offers an extremely competitive UK employee benefits programme.

  • 25 days holiday

  • 5 Personal Days leave entitlement

  • An annual Lifestyle Reward amounting 325 per annum/pro rata.

  • Private medical and dental care

  • Employee Share Ownership Plan

Supporting your application

Our recruitment process will comprise of interviews and at times a written exercise an assessment day and/or a presentation. As an equal opportunities employer we want to make sure we do all we can to make this a positive experience for you. When applying please make us aware on your application of any adjustments or additional support we can provide you with before or on the day of an interview.


Required Experience:

Senior IC

Commerce Decisions part of Harris Computer Companyare currently seeking an experienced Senior Infrastructure & Security Engineer on a full-time permanent basis operating on a remote working model.Commerce Decisions is part of Harris. Harris strategy focuses on acquiring software businesses strengthe...

About Company

Company Logo

Harris is an acquirer of software businesses. Our focus is to acquire businesses with growth potential, manage them well and build them for the future.

View Profile View Profile