Responsibilities
- Analyzing Security Events and Incidents: Investigate and respond to security events and incidents impacting the internal business and its clients.
- Developing SIEM Use Cases: Create and refine security information and event management (SIEM) use cases to enhance security monitoring.
- Implementing Security Controls: Design and deploy security controls and configurations to ensure a secure environment.
- Proactive Vulnerability Management: Conduct continuous vulnerability assessments and ensure timely remediation in accordance with policy.
- Collaborating on Secure Development: Work with Beeks' development teams to integrate secure coding practices.
- Maintaining Security Tools: Configure and manage security tools across the company's infrastructure.
- Third-Party Security Assessments: Work with external entities to conduct security tests, assessments, and audits of information security practices.
- Risk Management: Identify, assess, manage, remediate, and track security risks, ensuring key risks are reported to the Chief Information Security Officer (CISO).
- Internal Security Audits: Perform regular audits aligned with ISO/IEC 27001 and SOC2 standards.
Ideally, you will have experience with:
- Hands-on Security Experience: 2-3 years of practical experience with tools such as SIEM, vulnerability management, endpoint detection and response (EDR), application security, and identity and access management.
- Incident Response: Proven experience in deploying and managing security infrastructure and responding to major incidents.
- Microsoft Security Experience: Knowledge and experience with Microsoft 365 Defender and Azure security (certifications like SC-200, MS-500, AZ-500 are advantageous).
- Adaptability with Security Technologies: Experience in learning and using various security technologies, including private and cloud infrastructure.
- Familiarity with Security Frameworks: Understanding of information security frameworks such as CIS, NIST, and NCSC CAF, along with the associated processes and tools.
- Threat Hunting: Experience in threat hunting and identifying anomalous activities through log analysis.
- Understanding of ISO27001/SOC2: Familiarity with ISO27001 and SOC2 frameworks.
The business has doubled in size over the past 3 years and has been on a consistent upward trajectory since its foundation less than 15 years ago. There is ample opportunity to grow both in terms of skillset and career progression.
In addition to a salary of between £55k-£70k, a range of benefits uncommon to most similar companies are on the table:
- Share option scheme: The business offers 10,000 options (currently valued at £17,000) which can be cashed out after 2 years' service. The company has more than doubled in size since 2021 with this number projected to increase.
- Pension and Life cover (4x salary)
- Hybrid arrangement (2 days remote) and flexible work hours
- 33 days annual leave (inc. bank holidays)
- On-site gym, PT sessions and massage therapist
- Office Bar