About the Team
The Company is building a new Security Operations Centre, SOC, to ensure a coordinated response to the increasing cyber threats to the business. The application security specialist will support the Security Operations Lead in delivering core cyber defence services to the Company.

Key to the role will be specialist security delivery expertise within the Cyber Security Incident Response Team (CSIRT) that will provide cyber defence protection to the Company.

The SOC and CSIRT mission is to provide specialist cyber defence protection to employees across the globe. The Role
The SOC Application security specialist role will deliver core cyber security capability including bench marking security standards, security information and event management, vulnerability analysis, security incident investigation and response to support in increasing cyber resilience.

Your responsibilities will include:
• Operate as Application Security Operations Lead for cyber security.
• Deliver and manage the Company baseline security standards for all applications and databases.
• Support the SOC team to optimise the use of cyber security tools to protect applications from cyber-attacks and security incidents.
• Lead on the introduction of new applications into Security monitoring and ensure the ongoing effectiveness of security monitoring related to applications used throughout the business.
• Deliver specialist security support to core Company functions including asset, configuration, patch and vulnerability management.
• Support cyber exposure reduction in driving remediation of vulnerabilities within business units
• Deliver specialist investigation and analysis on cyber security incidents to support the Cyber Security Incident Response Team (CSIRT)
• Support the Chief Technology Officer and Design Authority for application operational security
• Deliver Company application expertise into Security operations including SIEM, SOAR, EDR and other services
• Deliver specialist security support into Company ITIL processes.

Essential skills and experience
• Highly experienced (5 - 10 years+) in Information and Cyber Security;
• Highly experienced in cyber security management systems to support the identification, prevention and protection of cyber risks;
• Experienced in security of common database applications including Microsoft MSSQL, MySQL, Oracle, PosgreSQL, Mongo;
• Experienced in security of enterprise applications including Microsoft Exchange, Mimecast, Broadcom email security and Cisco messaging application;
• Experienced in operating specialist security technologies including CIS Benchmarks, Tenable, Qualys and Rapid 7;
• Strong knowledge of network topologies and protocols;
• Experienced in security risk management, incident response and crisis management;
• Experienced in investigating security breaches and security incident management;
• Experienced in SIEM tooling knowledge including technologies such as Sentinel and Splunk;
• Experienced in end to end information security incident management, mitigating and addressing threat vectors including but not limited to SQL Injection, authentication, privilege access, logging, denial of service and security patching;
• Experienced with common security enforcing functionality including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls, Network and host-based Firewalls, Log analysis and Security Information and Event Management (SIEM) systems;
• Experience with threat-based frameworks such as MITRE ATT&CK;
• Good understanding of information assurance standards and frameworks including ISO 27001, Cyber Essentials/Essentials Plus, GDPR;
• Recognised information security and/or information technology industry certification (CISSP, CISA, CISM, GIAC or equivalent);
• Strong stakeholder, relationship management and communication skills;
• Working in a fast paced, shared services matrix environment;
• Must have or be able to obtain UK security clearance.

What you'll get in return
Flexible working options available.

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.