Our client is fast growing Commodities Focused Financial Services Firm based in London with Offices in US and Asia. They are seeking ro recruit a Senior Security Engineer to join their London team.
Reporting to the IT Security Officer, you will work alongside the IT Security Engineer as part of a 3-man IT Security team. As the Senior Security Engineer, you will implement and maintain robust security systems and protocols across the our IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. You will help mentor and develop the IT security engineer and collaborate with the IT team to ensure compliance with security standards and best practices; you will essentially be a key technical leader in safeguarding sensitive data and systems.
Key Responsibilities/Duties
1. Manage WAF and DDoS systems
2. Manage the Web Security Gateway
3. Manage the Email Security Gateway
4. Manage the SIEM, SOAR, Identity Protection and EDR, and respond to alerts and threats.
5. Carry out vulnerability scans, identify risks, and remediation.
6. Manage the perimeter and VPN firewalls.
7. Manage MFA and SSO.
8. Manage MDM\MAM and Conditional Access
9. Manage security certificates and keys.
10. Manage IDS and IPS.
11. Manage PAM systems
12. Deliver Cyber Security Awareness Training
13. Remediate vulnerabilities and weaknesses identified during penetration testing.
14. Ad-hoc IT security projects
Experience – Essential
The successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack
15. CrowdStrike EDR
16. Mimecast Mail Security Gateway
17. Duo
18. Okta
19. Rapid7 IVM, Tenable IO or Nessus
20. Rapid7 IDR or CrowdStrike Next Gen SIEM
21. Palo Alto Firewalls and Panorama
22. InTune and Conditional Access
23. Entra ID, Active Directory, DNS, GPO
Experience using the following technology stack would be advantageous; understanding the principles is required.
24. Imperva WAF and DDoS
25. Menlo Web Security Gateway
26. Menlo CASB
27. Cisco Secure Access
28. Cisco Umbrella
29. Cisco ASA
30. KnowBe4
31. Digicert Certificates and Microsoft Certificate Services
32. Ivanti or Automox patching
33. AppCheck or Tenable WAS
34. Kali Linux (NMAP, Metasploit, BurpSuite, John etc)
35. Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications.
36. Industry: Financial services, SOC, Pentesting is desirable
37. Personal Skills: Excellent inter-personal, written and verbal communication skills The ability to handle multiple priorities, tasks and projects simultaneously Clear and precise verbal and written communication Ability to deliver presentations to staff Cross functional influence, engagement and collaboration skills
Location and Hours
38. The position is usually based in London Head Office
39. Hours: The team works on a shift pattern to ensure cover from 0730 – 1730: (0730 to 1630 (2 days working from home), and 0830 to 1730 (3 days working in the office))
40. There will be periods of the weekend and out-of-hours work.
If you can adhere to the above please apply