Information Security Engineer x2
Initial 6 Month Contract
£600 - £700 p/d
Are you an Information Security Engineer? Are you looking for your next exciting contract opportunity? Would you like to work with for one of Europe's largest Consumer Retailers? Well, look no further as the perfect opportunity is right in front of you!
My client, are looking for an experience Information Security Engineer to join them on an initial 6 month contract, to help support the Head of Information Security Engineering in re-developing and implementing their new strategy.
The ideal candidate will have strong hands-on experience where they have configured, designed and created multiple solutions with Infrastructure Security, Threat Hunting and Scripting. Cloud Security including Office 365 expeirence is also a must in this role, one or more of Azue, AWS & GCP technical knowledge in this role would be highly advantageous.
Main Areas of Responsibility
- Designs, implements, maintains and operates information system security controls and countermeasures.
- Recommends security controls and procedures in business processes, acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
- Administers authentication and access controls, including provisioning, changes, and removing of user and system accounts, security/access roles, and access permissions to information assets.
- Analyses and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
- Executes operational plans for security incident response services within the DDC.
- Assists in the development of processes and procedures for cyber security monitoring and incident response.
- Provides reporting against metrics covering Security Incident Response services.
- Supports post-incident analysis activities.
Security Analytics and Threat Intelligence:
- Assists the Security Engineering Manager in the design and development of cyber security analytic projects to understand events of interest that may evade currently deployed techniques.
- Recommends improvements in intelligence requirements, based on changes to business needs, structure, priorities and technology.
- Derives or collect raw intelligence from investigations and inject them into the intelligence lifecycle for processing and analysis.
- Refines "hunting grounds" to limit the amount of in-scope data for hunts and provide additional context to findings.
- Provides guidance and suggestions for hunting activities.
- Works with application SMEs to hunt for malicious activity that may or may not be present in unmonitored applications. Typically, this is done in conjunction (or after) a stakeholder analysis is performed.
- Assists in operationalizing successful hunts into production SIEM alerts.
Knowledge and Key Skills Required
- Infrastructure Security (Anti-virus software, Intrusion detection, Intrusion prevention, WAF, Packet layer and next generation firewalls, Load balancing, Content filtering).
- Windows security for O365, SharePoint, AD, End point security (Servers and personal devices), Intune, Azure security, ATP, OneDrive for Business, Data management.
- Cloud security for SaaS, PaaS, IaaS.
- File integrity monitoring and DLP.
- Extensive experience in security incident response, security analytics, cyber threat intelligence and security threat hunting.
- Experience of working within a large multinational organisation, preferably a retailer or telecommunications provider.
- Disaster recovery, computer forensic tools, technologies and methods.
- Detailed knowledge of security standards and guidance such as NIST Cyber Security Framework, ISF Standard of Good Practice etc.
- Extensive experience with common security analytics, threat intelligence, security case management and other information security platforms.
- An understanding of relevant regulations and legislation that affect the operations of organisations within UK&I is desirable, such as PCI-DSS.
If you are interested and would like to review a full job spec please click APPLY and send CV's to Ashley.Waterman@ iqtalentsolutions.com OR call on: 01892 553 241.
InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.