Senior Security Engineer, O365, Azure, Windows
Posted on Mar 3, 2020 by Mercator IT Solutions
The Senior Cyber and Information Security Engineer is a senior member of the information security team and works closely with the other members of the team to develop and implement a comprehensive information security programme.
This includes defining security policies, processes and standards; performing security assessments against leading security frameworks, practices and standards; analysing security events; and performing incident response across the identify, protect and detect phases through to containment and recovery. He/she works with the Enterprise Architecture and Operations teams to deploy technical security controls that meet strategic and tactical security requirements, and defines the processes and standards that ensure security configurations are maintained and continuously improved.
Develops information security policy, process, and procedures.
Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems following the architecture principles and governance of Enterprise Architecture function.
Ensures compliance with security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed, maintained and effective, measured through security metrics and Key Performance Indicators (KPIs).
Reports security metrics and KPIs to the Information and Cyber Security Manager concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and non-compliance.
Provides security input into business service, application and project life cycles to assess security requirements and controls and to ensure that security controls are implemented as planned.
Works with Enterprise Architecture and Operations department and members of the information security team to identify, select and implement technical security controls.
Works with business units to identify and advise on security requirements and leading practices, by performing security architecture assessments, risk assessments and business impact assessments.
Researches, evaluates and communicates through security advisories and blogs current and emerging security threats to assets and people via the security awareness programme.
Researches, evaluates and recommends information security related services, hardware and software, including developing business cases for security investments.
24/7 Incident Response - is available to provide reactive support for critical security incidents outside standard business hours as part of a rota.
Works with managed security service providers, vendors and partners to ensure training, maintenance, support and continuous improvement for existing and emerging technology.
Knowledge, Skills and Experience Required:
Minimum of five years' information and cyber security experience; experience in IT system administration, network administration, a Security Operations Centre, or application administration and development is an advantage.
Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
Requires at least one security certification from a recognised professional certifying organisation such as ISC2, CompTIA, EC-Council or the SANS Institute.
Technology standard certification such as from Cisco, VMware, Microsoft is an advantage.
Excellent technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux.
Awareness of the MITRE ATT&CK framework and how it can be used to learn an adversary's tactics and techniques and to focus incident response.
Experience in penetration testing methodology and tools for the security testing of applications and systems.
Experience using scripting, automation and APIs with languages such as PowerShell, Python, bash and other shell scripting.
Experience using and managing Security Information and Event Management (SIEM) and analysing and reporting from multiple log data sources.
Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
Knowledge of and experience in developing and documenting security processes and plans.
Knowledge and experience with implementing common information security management frameworks, such as International Organization for Standardization (ISO) 2700x series, AICPA SOC2 (Service Organization Control), ITIL, COBIT and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.
Strong analytical, problem-solving, written and verbal communication skills, and a good attention to detail in order to identify patterns.
Ability to work both independently and collaboratively as a team member, be curious and to ask questions and share knowledge.
Ability to interact with personnel at all levels of seniority and across all business units and organizations, and to understand business objectives and values.
A strong customer and client focus, with the ability to manage expectations appropriately, to provide a superior customer and client experience and build long-term relationships.
A strong passion for the security domain, with curiosity and a keenness to learn and develop own skills and knowledge outside of the daily work environment.
Confidence in recording and presenting key findings and conclusions to different levels of the business.