Lead SecOps Engineer
Lead SecOps Engineers take a leading role in developing, building, and maintaining operational security offerings, provide expert consultancy to customers and internal teams on security operations, and mentor and lead other SecOps engineers in day-to-day activities.
Part of the SecOps Practice, SecOps engineers help develop and deliver services spanning:
- Vulnerability scanning and threat assessment.
- Security Information and Event Management (SIEM).
- DDoS protection.
- Identity and Access Management.
- Penetration testing.
- Network security.
- Application security.
- Cloud and on-premises technical security consultancy.

- Build, enhance, and maintain platforms supporting our SecOps Practice services.
- Support and advise the SecOps Practice Lead and other senior roles on security trends, opportunities, and strategy.
- Develop tooling that enhances the operational security of our and our customers’ platforms.
- Create reference implementations of security-related tooling and frameworks, particularly for the AWS, Azure, and M365 ecosystems.
- Mentor and lead other SecOps engineers in day-to-day activities.
- Maintain good awareness of the operational security practices, tools, and strategies of vendors and partners relevant to the practice.
- Support technical presales activities for the SecOps Practice offerings.
- Work with partners and industry bodies to increase the prominence of as a provider of security services.
- Work with Information Security and Compliance teams to ensure security strategy is delivered and that priorities support alignment with the ISMS framework as agreed at the annual management reviews.
- Ensure vulnerabilities are managed by the completion of periodic vulnerability scans of networks and subsequent remedial action by supporting teams.
- Evaluate security incidents and coordinate responses.
Skills and Expertise
- Passionate about security and privacy with an excellent understanding of the principles and technologies involved.
- Promotes security throughout the organisation, encouraging teams to adopt practices and technologies that improve our and our customers’ security posture.
- Proactively spots opportunities within our own or a customer’s infrastructure where there are potential security gaps and recommends new or existing tools or processes to remediate.
- Good understanding of modern engineering patterns and tools.
- Practical experience with Infrastructure as Code and Continuous Delivery, and particularly with implementing them securely, and successfully encourages their adoption.
- Experienced in writing production code in at least one modern high-level language, such as Python, Node, or .NET.
- Experience implementing ISO27001, ISO27017/18, and PCI-DSS is advantageous.
- Relevant professional certifications are advantageous and should be held or actively worked towards, such as:
  - AWS Certified Security – Specialty
  - CompTIA Security+
  - Microsoft SC-200: Microsoft Security Operations Analyst
  - Microsoft 365 Certified: Security Administrator Associate