Cyber Security/SecOps Engineer Inside IR35

Job Description

We have a fantastic opportunity for a Cyber Security/SecOps Engineer to work with our Central Government client on an initial 6-month contract. The Cyber Security Engineer will be responsible for improving the telemetry, processes and tools for the SIEM/Monitoring systems and SOC team. This role requires proven experience with security telemetry, security intelligence, anomaly hunting and incident response.This role requires an analytical mindset and a deep knowledge of the current and emerging threat landscape. The ability to research a threat or vulnerability and to deliver clear and concise actionable intelligence’ to mitigate against risk is essential.The Cyber Security Engineer will be expected to understand current network defence technology and to optimize or create new high value use cases’ and rules to defend against the latest threats.The ability to research threats, create reports and to clearly articulate recommendations to senior members of the team is essential to this role.Job SummaryAs a SecOps Engineer you will be responsible for maintaining and continually improving thesecurity of some of our clients key digital platforms, used by millions of peopleevery year.You will work with agile product delivery teams on the secure design, configuration, deployment, testing and management of applicatio-1ns and systems in traditional data center and cloud environments. You will be responsible for automating common, repeatable tasks to improve the cyber security around some of our most important datasets and services.You will ensure that vulnerability management best practice is followed and that code isdeveloped securely, avoiding common pitfalls. You will support automated and manualsecurity testing of our deployed infrastructure and applications, and manage the findingsfrom these tests.As a SecOps professional you will drive the development of new security capabilities tosupport delivery and ensure that the tools and approaches used are effective. This role willgive you the opportunity to get hands on and build security into systems.You will take a proactive role in securing the digital environment to ensure effective rootcause and trend analysis of security threats and issues. As part of the role you will beexpected to investigate anomalous activity and support incident resolution with the service.You will liaise effectively with interested stakeholders to ensure that lessons are learned andwill communicate threats to aid continuous information assurance. You will be required tochallenge and propose changes to existing processes where they do not contribute to therapid delivery of a secure service.Skills and RequirementsEssential Skills:- Previous experience working on AWS Security on services (IAM, Cognito, KMS,Federation Services)- A strong overall AWS Knowledge is essential- Extensive experience with automation using scripting languages, such as Perl,Python, Ruby, and/or Bash as well as configuration of infrastructure with codeautomation (e.g. Atlassian tools, Ansible, Puppet, or Chef).- Experience with version control software and job execution tools, such as Git, GoCD,Octopus, Jenkins, RunDeck, SaltStack.- Experience with cloud platforms to include virtualization, containerisation andorchestration technologies, such as AWS, Azure, Docker, Kubernetes,etc. Experience of secure coding and testing across a variety of tools (static, dynamic,and both automated and manual) and vulnerability management. Communicating riskin a clear manner to inform business decisions- Deep knowledge of networking, infrastructure and applications- Experience with agile and continuous development methodologies, including thepractices, platforms and tools which support them- Polyglot technologist with the ability to quickly learn, adapt and use differenttechnologies, including but not limited to Cloud platforms and protective monitoring- Broad knowledge of security controls and how they can be applied in a traditional ITenvironment and cloud based systems- In depth understanding of the methods of technical attack and how these can bedetected in a digital environment- Knowledge of the concepts of information security, and of current and emerging ITsecurity, data protection and information risk principles and technologies.- Knowledge of security monitoring, prevention and control systems including but notlimited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions.- Experience in industry performing similar roles Required skills

Keyskills :
Windows Azure