One of our clients in the Financial Services sector is looking for an experienced Security Engineer.
You'll be joining their progressive team, which focuses on security and cloud techniques and has the investment to modernise their security.
Reporting directly to the CISO, you'll be working with the 3rd party SOC function to help mature current on-premise logging / alerting. You will focus on the on-premise infrastructure and cloud capabilities.
* Creation of logging configurations
* Grow current cloud logging / alerting capabilities
* Automation of reporting, security tooling automation
* Creation of Playbooks
* PoC of On-Premise / AWS SIEM (Azure Sentinel, Sumo Logic etc)
* Improve Data Leakage Prevention and align thresholds against business unit.
* Posture detection: Data Leakage Prevention based on a user's location, end-user device and the asset to be accessed
* Good understanding of threat and threat vectors
* Knowledge of PowerShell and Python
* Strong knowledge of SIEM tools and the ability to implement them from scratch
* Knowledge of infosec protection / detection and authentication systems (firewalls, IDS/IPS, EDRs etc)
* Exposure to MITRE ATT&CK + threat hunting
* Familiarity with Data Leakage Prevention strategies
* Working knowledge of CyberArk
* Knowledge of or exposure to AWS or Azure
This is an initial 6-month contract outside IR35 with a hybrid remote / office approach, so you must be able to get to their offices in either Reigate or Manchester.