Senior Cyber Security Engineer
Location: Reading
Grade: Consultant
Employment Type: Permanent, Full Time
Hybrid
REQ003537
About XPS Group
XPS Pensions Group is no ordinary company. We've earned numerous awards and accolades, making us an industry leader in Pensions Consultancy. As the largest pure pensions consultancy in the UK, we are a team of approximately 2000 employees spread across 15 locations nationwide. Listed on the London Stock Exchange Main Market, we pride ourselves on our ability to think and act differently, offering expert advice to over 1600 pension schemes and administering pensions for over 1,000,000 members.
About the Team
XPS Cyber Security is an expanding team made up of internal cyber security engineers and cyber security operations analysts with an external 24/7 Security Operations Centre. The Senior Cyber Security Engineer role will be challenged with researching and implementing the latest technologies in the industry. This environment is highly technical and collaborative.
Reporting to the Cyber Security Engineering Manager, the Senior Cyber Security Engineer will perform daily security engineering tasks and assist with security hardening projects to protect XPS Group's IT infrastructure, networks and data. The ideal candidate will be a self-starter, with strong experience in cloud security, hardening IT systems, vulnerability management, penetration testing and web application security.
Key Responsibilities
* Use expert security knowledge with a particular focus in cloud security, network security, perimeter defence, attack surface management and system hardening to minimise risk.
* Own cloud security posture and attack surface management.
* Support the implementation of security controls across XPS, with a particular focus in cloud environments (e.g. Azure inc. cloud native applications).
* Promote best-practice, secure design principles, standards, and threat modelling into IT, projects and development teams.
* Identify and mitigate security risks early during change control and software development lifecycles (SDLC).
* Contribute to the selection, evaluation, and implementation of best-in-class security tools and processes.
* Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business.
* Assist and advise on security training, be able to mentor and drive awareness programmes tailored to XPS needs.
* Assist the wider security team with timely security incident management, security training, and reviewing supplier/client information security questionnaires.
* Due to the changing nature of the business, the job holder may from time to time be required to undertake other activities of a similar nature that fall within their capabilities.
Your Profile
Essential
* Experienced security engineer with demonstrable detailed knowledge of security products, Cloud Security, Web Application Firewalls, access control, AV, email and web security gateways, Artificial Intelligence, load-balancers, ACLs, TCP/IP, routing and switching.
* Excellent written and spoken communication skills with ability to create, update and maintain documentation/network diagrams.
* Knowledge of current and future security initiatives e.g. OWASP standards, SASE, intelligence led penetration testing, zero-trust, threat centric security and risk-based vulnerability management.
* Be a security leader, with ability to work collaboratively with IT, wider teams, end users, and mentor IT/security colleagues on security principles where necessary.
* Has relevant experience and certification in security engineering e.g. CISSP, SANS GCIA, Comptia Security+ and/or CCNA/CCNP or equivalent qualifications.
* Detailed understanding of Security Infrastructure design, IT Security best practice and hardening standards (e.g. CIS Benchmarks).
* Detailed understanding of common IT protocols, infrastructure and systems e.g. Networks, Domain management and virtualised infrastructure.
* Willing to travel to other locations as and when required.
Desirable
* Strong background in threat modelling.
* Computer Science degree, or relevant experience.
* Knowledge of ISO27001, Cyber Essentials Plus and Cloud certification e.g. CSA STAR.
What We Offer
Enjoy a competitive salary, annual discretionary bonus, and 25 days' holiday with buy/sell flexibility. Benefits include pension matching, healthcare plans, life assurance, and retailer discounts. We support our team with a flexible benefits scheme, employee assistance, and digital GP service. Participating in volunteering events is encouraged with paid volunteer days available. Referral bonuses are offered for introducing suitable candidates to XPS.
How to Apply
Interested candidates should submit applications below or contact recruitment@xpsgroup.com. Join XPS Group and contribute to a dynamic and inclusive workplace.
Equal Opportunity Statement
XPS Group is committed to diversity and equal opportunities. We welcome applications from all candidates, irrespective of sex, race, disability, sexual orientation, religion, or belief. As a Disability Confident employer, we ensure accessible and supportive work settings for all employees.
Eligibility
Any employment offer made will be conditional upon you satisfying DBS Disclosure checks, Employment or educational references, Satisfactory credit checks and eligibility to work in the UK before an offer can be made. XPS Group is not able to provide sponsorship to employees.
Who are we
To find out more please visit: www.xpsgroup.com
#J-18808-Ljbffr