Security Operations Engineer - Threat & Vulnerability Management - SC Eligible

Security Operations Engineer - Threat & Vulnerability Management - SC Eligible

Working closely with operational teams to ensure that vulnerability management good practices are followed and that code is developed and deployed securely, avoiding common pitfalls. Supporting automated and manual security testing of our deployed infrastructure and applications, and manage the findings from these tests.

Development and automation of security capabilities for the product and operational teams you are working with. Ensuring emerging security threats are promptly addressed or escalated for wider remediation, and sharing of good security practices. 

You will take a proactive role in securing the digital environment to ensure effective root- cause and trend analysis of security threats and issues. As part of the role you will be expected to investigate anomalous activity and support incident resolution with the service. 

You will liaise effectively with interested stakeholders to ensure that lessons are learned and will communicate threats to aid continuous information assurance. You will challenge and propose changes to existing processes to make them more effective at delivering services securely. 

Essential skills and experience required are:

Experience in threat and vulnerability management, application security, and using analytic skills to understand the security implications of events within a system. 

In-depth understanding of the methods of cyber security attack on modern systems and how these can be detected in an enterprise and/or digital environment. 

Knowledge of the concepts of information security, and of current and emerging IT security, data protection and information risk principles and technologies. Broad knowledge of security controls and how they can be applied in a traditional IT environment and cloud based systems. 

Knowledge of security monitoring, prevention and control systems including but not limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions. Knowledge of penetration testing and related disciplines. 

Desirable: 

Experience of security automation using scripting languages, such as Perl, Python, Ruby, and/or Bash as well as configuration of infrastructure with code automation (eg Atlassian tools, Ansible, Puppet, or Chef). 

Experience with version control software and job execution tools, such as Git, GoCD, Octopus, Jenkins, RunDeck, SaltStack. 

Experience with cloud platforms to include virtualization, containerisation and orchestration technologies, such as AWS, Azure, Docker, Kubernetes, etc. 

Experience of secure coding and testing across a variety of tools (static, dynamic, and both automated and manual) and vulnerability management. 

Knowledge of security architectures, in particular for modern digital services, including how they are developed and operated at scale.

Security Operations Engineer - Threat & Vulnerability Management - SC Eligible