Infrastructure Security Engineer
Duration: 3 months initially
Experis are currently looking for a Security Engineer for a public sector client to provide detailed hands-on technical security support and management to a highly available infrastructure estate across 7 UK sites.
- Provide security operational support for solutions deployed across our infrastructure.
- Complete reviews of the current infrastructure estate in terms of security compliance and vulnerabilities. Identify areas of non-compliance and ensure areas of weakness are enhanced.
- Provide analysis and trending of security log data from a number of security tools and advise on or take appropriate action.
- Assist in the conduct of security audits of technical solutions detailing recommendations, improvements and corrective actions.
- Perform monitoring and analysis of security tools and logs for indications of attacks.
- Lead the technical response to security incidents and document progress as required.
- Work closely with Infrastructure and Cyber Security Managers when managing issues related to infrastructure security.
- Work on projects to ensure security requirements are documented in the service design package and have been met.
- Provide support for vulnerability assessment tools and work closely with infrastructure teams to prioritise and remediate identified findings.
- Manage the schedule for vulnerability assessments and provide necessary reports associated with the schedule on a timely basis.
- Work with cloud-based suppliers who host systems that are entirely remote or heavily integrated with our own internal infrastructure.
- Diagnose security incidents and identify the root causes. Recommend and implement temporary workarounds for known errors and identify areas that would provide mitigations against the incidents re-occurring.
- Possess a good understanding of security architectures and topologies and the techniques needed to support security infrastructure solutions in enterprise environments.
- Possess a good understanding and detailed knowledge of security tool sets with the techniques needed to support security infrastructure solutions in enterprise environments.
- Have a good awareness and be able to work within information security and confidentiality legislation.
- Possess an excellent understanding of ITIL, including service operation and service transition.
- Possess a good understanding of the technical elements of PCI-DSS and the ISO27001 standard.
- Experienced in understanding, configuring and tuning SIEM products through the use of correlation rules and analytics.
A good working knowledge of supporting and troubleshooting current technologies in some of the following areas:
- Network security
- Firewall security
- Intrusion Detection/Prevention tools
- SIEM solutions
- Anti-Virus solutions
- Vulnerability assessment and management tools
- Web Content filtering solutions
- Email Gateway solutions
- Cloud-based solutions
- Act as tech security lead on projects.
- Organising and scoping pen tests
- Setting up internal security standards.
- Threat modelling.
- Experience with Rapid7, Darktrace