Cloud/Network SecOps Engineer [UK Established Startup]

Posted on Mar 31, 2021 by Cloud Gateway Limited

Not Specified, United Kingdom
IT
Immediate Start
Daily Salary
Full-Time


The SecOps Engineer acts as the focal point for IT & Cyber Security operations. You will have overall responsibility for improving and overseeing the design and delivery of the Security Operations strategy and operating model. This includes evolving the monitoring and alerting process within Cloud and Hybrid environments and triaging alerts, while adding proactive measures to reduce risk in line with Security frameworks.

This is a hands-on technical role requiring a detailed understanding of evolving threat trends and the technical ability to implement and configure existing security toolsets and to implement new security solutions.

As a SecOps Engineer you will know about cloud-native security tooling. You will also benefit from having Identity and Access Management, Network Security, Data Security experience, preferably in an AWS cloud environment.

Responsibilities/Objectives:

  • Act as a Security Operations SME responsible for leading and driving SecOps throughout the organization.
  • Secure and assure Cloud environments with solutions in IaaS, PaaS and SaaS

  • Day to day management of the SecOps activities, working closely with all Key Stakeholders but more closely with the DevOps and Network Operations teams.

  • Responsible for Cyber Incident Response

  • Develop, implement and maintain SecOps controls such as Protective monitoring and alerting which feeds into a continuous improvement cycle for proactive controls.

  • Organise external vulnerability and penetration testing in line with ITHCs under CHECK conditions.

  • Be responsible for Vulnerability Management, perform scans using Nessus to ensure systems are patched and perform configuration assessments.

  • Review, assess, and mitigate issues from penetration tests and vulnerability assessments on information systems and infrastructure

  • Work with DevOps and Network teams to test system integrity, security, patch and manage Cloud and Hybrid Assets.

  • Manage and assess external threat trends and environment remediation

  • Develop, document and maintain Operational security procedures

  • Design, installation and support of security tools such as ElasticSearch, Identity Management (e.g. SAML, LDAP, certificate-based auth), Cloud Security and Fortinet Security platforms

  • Ensure Patching & Hardening is in line with Cyber Security standards such as CIS.

  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements

  • Creation, analysis and communication of security metrics to CTO

  • Research threats and vulnerabilities and where appropriate, take action to mitigate and remediate

  • Work closely with the IT Security Manager to ensure ISO27001 policy and process remain compliant, and assist with any audit remediation.

Role Minimum Requirements

  • Minimum of 5 years' experience in a Cyber Security role, preferably gained in an operational environment.
  • Experience with detection, exploitation and validation of security vulnerabilities

  • Deep knowledge of Operating Systems and Infrastructure, specifically Linux and Cloud Hosting

  • Experience in Vulnerability Management tools such as Nessus.

  • Strong network security knowledge and hands-on experience in Remote Access, VPN, DMZ architecture, Network Monitoring, Intrusion Detection, Server Security, Vulnerability Scanning, Anti-malware and Anti-exploit management, and DLP

  • Strong Experience with PKI, IAM and Endpoint Detection and Response

  • Knowledge of commonly-accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.

  • Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP etc., and accompanying protocol/packet analysis/manipulation tools.

  • Experience in DDOS detection and mitigation techniques

  • Familiarity with ISO27001 and other security standards.

  • Proven ability to work under pressure in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously

  • A UK national suitable for completing UK Government security vetting up to SC Level

Desirable:

  • Technical certifications relevant to Cybersecurity, e.g. CISSP, CRISC, CISA, CISM.

  • AWS experience with security-related services such as GuardDuty, AWS Config, CloudWatch etc.

  • Experience in Elasticsearch configuration & management

  • Experience with G Suite, macOS, Jamf, BitDefender and enterprise security for IT Assets. These include SaaS applications, Web and Email.

  • Hands-on knowledge of Fortinet Firewalls, administration & design

  • AWS Certified Security Specialty.

Who are we?

Cloud Gateway was formed in 2017 by Justin Day and Neil Briscoe. Designed to enable faster, more efficient digital transformations, breaking the boundaries of conventional network connectivity and security, Cloud Gateway is at the forefront of Cloud PaaS technological innovation.

The business has seen continuous, steady growth since then and is planning to accelerate that growth considerably.

Everyone in the business has a key role to play. As a start-up, the business requires individuals to be prepared to step up, own their role, drive efficiencies wherever they see them, strive for continuous improvement and support others to contribute to the success of the business.




Reference: 1147080494
