Security Ops Engineer
- Employer: Iceberg Cyber Security
- Location: London (Central), London (Greater)
- Salary: Negotiable DOE
- Closing date: 26 Sep 2019
- Sector: IT
- Job Role: Security Engineer
- Job Type: Permanent
Iceberg are currently recruiting on behalf of a forward-thinking tech scale-up business that has become known as one of the most disruptive and fastest-growing businesses in the world right now. They are going through a security culture transition and require a Security Ops Engineer who will be involved in all aspects of IT Security Operations, including evaluating, designing, and deploying emerging security solutions. You will also be able and expected to research new technologies to enhance the stability and security of the business.
You will be responsible for:
- Writing and managing indicator-of-compromise queries across aggregated logs.
- Responding to, triaging, and investigating potential incidents across laptops, servers, network devices, and cloud systems.
- Teaching other engineers on the infrastructure team how to do alert triage.
- Performing and automating in-house network and host security testing.
- Managing third-party penetration tests.
- Acting as incident manager and running interactions with external incident response and forensics teams in the event of a major incident.
- Working with infrastructure automation teams to ensure that programmatically-driven security policies are correct.
- Implementing security orchestration and automation on top of tools like BetterCloud and Okta.
Requirements
- Proven industry experience in operational security
- Hands-on experience with:
  - Basic penetration testing tooling like Nessus and Metasploit
  - Writing and triaging production security alerts against large data sets, ideally with Splunk Enterprise Security
  - Security configuration in Docker, Kubernetes, and Istio
  - MISP and other community-centric threat intelligence collections
  - Hardening Windows and Linux servers and common services
  - AWS, GCP, and cloud security and automation tools like Forseti and Terraform
  - Identity and Access Management systems like GSuite, Azure AD, and Okta, and authentication integration via OAuth, SAML, and LDAP
  - Host policy automation using Jamf for OSX and Microsoft Group Policy Objects
  - Zeek and Packetfence for on-premises network security
- Some on-call will be required
- Experience mentoring other engineers in security
- Ability to thrive and succeed in a dynamic, fast-growing startup environment