Role: Security Engineer
Location: London, UK (Hybrid)
Hiring Type: Contract/Permanent Role
The below is a desirable list as opposed to essential requirements. If a candidate has some of the below, they will still be considered.
1. Proactively use security engineering tools to identify and mitigate network & security risks.
2.Develop and implement security measures using specialised tools based on Cyber security best practices.
3. Support and build network segmentation capabilities, including deciding on the granularities of segmentation from a threat-led perspective (e.g., application level, environment level, network level, network policies, mapping attack paths, and building mitigations).
4. Hands-on exposure and knowledge of Cyber & network security, e.g. management of firewalls, IDS, Web Gateways etc.
5· Familiarity with deploying Infrastructure as Code and using CI/CD technologies, such as Azure DevOps.
6· Hands-on experience working with cloud networking with a focus on security. For example, working with virtual networks, network security groups, virtual firewalling, Web Application Firewalls, and cloud networking security monitoring.
7· Previous experience working with security best practices – e.g. Zero trust, defence in depth, least privilege, security hardening.
8· Experience in applying zero-trust principles to secure large-scale IT infrastructures, demonstrated by successful deployments within a corporate setting.
Web Gateway, Web Security Detect & Respond end points, Siem, Sentinel & Defender
It’s a bonus if you have but not essential
9· Experience as a Cyber Security Engineer, Cyber Security Analyst, or a Network Engineer with an interest in becoming a Cyber Security Engineer.
10· Experience with Terraform, Python, Javascript/Node.js, PowerShell or Bash
11· Knowledge of infrastructure and application monitoring, such as Icinga or Elastic Stack.
12· Network Security certifications (especially Cloud centric) would be advantageous.
13· Proven ability to design and deploy zero-trust security solutions, including identity and access management, micro segmentation, and continuous authentication, in complex organisational structures would be an advantage.