```html Security Engineer Job Description - Phillips & Cohen Associates (UK) Ltd. - Ardent Credit Services Security Engineer About Phillips & Cohen Associates (UK) Ltd. At Phillips & Cohen Associates (UK) Ltd., we are dedicated to excellence in the Banking & Financial Services sector. Our commitment to innovation and security underpins our success, and we are seeking a skilled Security Engineer to join our dynamic Liverpool team. This pivotal role will contribute directly to safeguarding our critical systems and data, ensuring we maintain the highest standards of security and compliance. Role Overview As a Security Engineer, you will be at the forefront of protecting our organisation’s information assets. You will design, implement, and maintain robust security measures to defend against evolving cyber threats. Working closely with IT, risk management, and compliance teams, you will help shape and enforce our security policies and practices. Key Responsibilities A. Application Security Engineering (AppSec) ● Secure Development Lifecycle (SDLC): Integrate security tools and processes into the CI/CD pipelines (DevSecOps), ensuring security is "shifted left." ● Vulnerability Management: Manage and execute Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) on proprietary applications. ● Remediation & Guidance: Act as the primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). ● Threat Modeling: Conduct formal threat modeling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems Security Engineering & Configuration ● Secure Baselines: Define, implement, and audit secure configuration standards for all corporate systems, including servers (Windows/Linux), cloud resources (AWS, Azure), and critical databases, ensuring compliance with CIS Benchmarks or equivalent standards. ● Endpoint Security: Deploy, manage, and optimize Endpoint Detection and Response (EDR) solutions and host-based firewalls to enhance visibility and defensive capabilities. ● Identity & Access Management (IAM): Engineer and govern the secure configuration of IAM services, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Access Management (PAM) tools. ● Patch & Vulnerability Management: Oversee the technical operation of the enterprise vulnerability scanning program, working with IT Operations to prioritize and track remediation of system and software vulnerabilities. C. Network Security Engineering & Infrastructure ● Firewall Management: Design, implement, and maintain complex rule sets and policies on Next-Generation Firewall (NGFW) platforms, managing network segmentation, siteto-site VPNs, and secure remote access. ● Intrusion Detection/Prevention (NIPS): Configure and tune Network Intrusion Prevention Systems (NIPS) and Intrusion Detection Systems (IDS) to actively block and alert on malicious network traffic and policy breaches. ● Security Tool Implementation: Lead the research, deployment, and operationalisation of new network and cloud security tooling, ensuring full integration with our Security Information and Event Management (SIEM) system. ● Architecture Review: Conduct security reviews of network diagrams and propos Qualifications & Experience Proven experience as a Security Engineer, preferably within the Banking & Financial Services industry. Strong understanding of network security protocols, encryption technologies, and security frameworks. Experience with security tools such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners. Familiarity with industry regulations and standards including GDPR, PCI DSS, ISO 27001, and FCA compliance. Relevant certifications advantageous, such as CISSP, CISM, CEH, or CompTIA Security. Excellent analytical and problem-solving skills with a detail-oriented mindset. Strong communication skills, able to explain complex security concepts to non-technical stakeholders. Degree in Computer Science, Information Security, or a related field is preferred. Benefits Competitive salary package reflecting your skills and experience. Comprehensive pension scheme to support your future. Generous annual leave entitlement plus bank holidays. Opportunities for professional development and certifications. Supportive and inclusive working environment focused on career growth. Employee assistance programme and wellbeing initiatives. Access to cutting-edge technology and tools within a leading financial services firm. Why Join Us? Joining Phillips & Cohen Associates (UK) Ltd. means becoming part of a forward-thinking organisation that values security as an integral part of our business success. You will work alongside passionate professionals dedicated to protecting our clients and assets in a challenging and rewarding environment. If you are a proactive Security Engineer eager to make an impact in the financial services sector, we would love to hear from you. ```