Cyber Security Engineer

Summary

Grade: 3B

Contract Type: Permanent

Location: London

Reporting to: Head of Cyber Operations

Division: CISO

The Purpose of the Role

This role will be responsible for delivering new security capabilities within the cloud, branch and college environments to improve the overall security posture of Post Office. To support the long–term strategic goals of Cyber Operations Teams. We act as the first line of defence for attacks aimed against us internally or externally. The successful candidate will contribute to cross functional collaboration to ensure appropriate security measures, technologies and processes are in place. This role will report to the Security Engineering Lead.

Principal Accountabilities

As a Cyber Security Engineer, you will be responsible for the engineering code configuration of multiple systems

Working along side SOC and other cyber teams. You would be expected to show:

Office365 Cyber Threat and Management capabilities, including digital policy configuration, DLP, AIP, Intune and other MS security event mechanisms.

SIEM use case development, testing and false–positive tuning for Sentinel as primary with additional initiatives in cloud SIEMS for Splunk and AWS Security Hub.

Working with tools such as; Mimecast, Symantec Endpoint Protection, ServiceNow

Security event triage and investigation of alerts from multiple sources.

Help fine tune and improve SIEM use cases and Microsoft polices.

Support threat hunting based on threat intelligence and improve alerting.

Influence and drive continuous improvement in our SecOps capabilities.

Demonstrable experience in SecOps and working with technologies such as SIEM, SOAR and EDR.

Good level of understanding of threat actors and Tactics, Techniques, and Procedures utilised.

Coordination and prioritisation of efforts will be at the discretion of the Cyber Engineering Lead. This role also includes a close working alignment with SOC Analysts to ensure effective monitoring is delivered.

Qualifications, Experience & Skills

Ideally have experience in the below:

AZ–500 or comparable level of knowledge

Understanding and being able articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives.

Using industry leading technology to create detections to threats to our networks from external and internal threat actors.

Overseeing the day to day maintenance of Security tooling

Working with senior stakeholders to support a threat led approach to generate mitigation and countermeasures through SIEM use case

Working with third–party suppliers and vendors

Taking part in post–incident reviews and proposing engineering resolutions to improve results in any future recurrence

Excellent team player but also confident working on own initiative.

Strong communication skills (both written and oral) and interpersonal skills at all levels

An understanding of network infrastructure such as VPNs, Firewalls, Switches, Routers, LANs, Intrusion Detection, vulnerability scanning etc.

A good understanding of cyber security concepts and systems/solutions such as IDM, EDR, DLP, SIEM, SSO etc.

Understanding of the Cyber Kill Chain and MITRE ATT&CK

Worked with or an understanding of EDR systems such as Defender or Symantec.

Commissioning Splunk infrastructure such as heavy and universal forwarders

Configuring and setting up data connectors within Sentinel

The creation and maintenance of Log Analytic Workspaces

Experience with Microsoft KQL

Experience required:

Excellent self–motivation skills

Proven experience or demonstrate working knowledge of Splunk or Sentinel.

Ability to share knowledge with the wider team

Business player with an appreciation of the wider implications of the unit to the future success of the Post Office.

Sound analytical skills.

A keen interest in cyber security with an enthusiasm for personal and professional growth

At least 5 years' experience in SecOps or IT Security.

Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar

Experience working with Python and Linux Shell Scripts or similar

Experience or demonstrable knowledge in Incident response, log analysis, Log ingestion and event data sources.

About Post Office

The Post Office has thrived at the heart of high streets and local communities across the UK for over 370 years. As one of the country's most trusted brands, we take our commitment to providing essential services to customers across the UK very seriously. We're the UK's largest retail network, as well as the largest financial services provider in the UK, with over 11,600 branches nationwide – more than all of the UK's banks and building societies put together.

We know that the best way to provide a great service for customers is to evolve our business and adapt to their changing needs. That's why we have a range of over 170 products and services, from personal financial services like banking, insurance, payments and travel money, to telecoms and of course, mails. And we're improving our online and in store experience for customers. We know that our customers never stop changing, so neither will we.

Securing the future Post Office's future:

We are working hard to ensure that the next chapter of the Post Office's history is a bright one. We are the current guardians of an iconic business and we want to hand over a thriving network of branches which can continue to provide essential products and services for our customers for many years to come. This is a uniquely exciting and challenging time for the Post Office – we're shaping the future and creating a business we can all be proud of.

Working at the Post Office:

Post Office colleagues are the driving force behind our business. Whether they are in our branches or supporting from our offices, we are proud of the energy, commitment and customer focus our people all have in common.

All Post Office people are guided by our three values and behaviours:

• We care by always thinking customer
• We strive to make things ever better through honest challenge
• We commit to decisive deliver

The Post Office embraces diversity and inclusion in the workplace and actively promote working without discrimination. We are also a Disability Confident Employer and are committed to interviewing disabled people who meet our minimum criteria for the job.