Collegamento...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0
W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0

Senior Security Engineer

Luogo: Bracknell, Berkshire
Stipendio: £85000 - £100000 per annum
Postato: giorni 12 fa
Tipologia di contratto: Permanent
Industria: Information & Cyber Security
Nome del contatto: Vinny Hughes
Contatto email: Vinny.Hughes@ojassociates.com

Vinny Hughes

Associate Director

See more of Vinny Hughes's jobs

Senior Security Engineer

The Senior Security Engineer is a technical security role which sits within the Global IT Operations team. You'll be responsible for security incident response activities, working with IT colleagues to record and report incidents and work with incidents from inception to remediation. You will be required to review changes, handle escalated tickets and major security incidents referred by the IT Team or discovered by our security systems.

WHAT YOU'LL DO:
* Monitor, detect and analyze threats in various notification platforms, respond and resolve incidents in maximum 4 hours. Drive lessons learned and process documentation to continue to reduce MTTR by 20% in the first 12 months
* Ensuring Euronet Security Standard yearly targets are met and work with the SSO to identify the required action plan
* Maintain 100% compliance with the external regulations (e.g. PCI DSS, PSD2, Swift, GDPR) including working with external auditors to ensure controls are met and all security recommendations are implemented within the required time
* Ensuring Euronet Security Standard yearly targets are met and work with the SSO to identify the required action plan
* Conduct a minimum of quarterly validation of security implementations and compliance including regulatory requirements
* Maintain required security documentation including policies, procedures and guides and be the liaison with the internal and external audit teams
* Assess and score security implementation and produce compliance reports (minimum quarterly basis) and provide security compliance-related recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain)
* Responsible for ensuring all security systems (e.g. AV, internal scans, proxies, Network security devices etc.) and processes are robust and functional and are continuously improving evidenced by valid licenses, signatures are being updated automatically, logs, events and alerts are being sent, there are backups in place, access control is managed with 2FA and AD syncrhonication with auditing enabled and these systems cover at least 95% of assets all the time
* Responsible for ensuring the operational integrity of the system with regards to user access processes to key services (cloud and on-premise) and providing expertise to IT teams when needed
* Evaluate and provide security recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain)
Be an integral part of all key security infrastructure, network, software and systems design teams to ensure systems are built with security principles
* Work with various stakeholders in different teams to establish relationships in order to drive various security projects
* Maintain and spread awareness of the security compliance landscape relevant to our environment to make users more security-cautious

WHO YOU ARE:

Essential:
* Working knowledge of host and network hardening techniques
* Detailed understanding of tools and techniques used by ethical hackers, including vulnerability testing tools and Penetration testing methodologies
* Experience with multi-tier web applications, relational databases and firewalls
* High level understanding of a wide range of security products such as; IDS/IPS, DLP, cloud security solutions, FIM, proxy servers and AV etc.
* Knowledge of GDPR and PSD2 requirements, Rep1028 and frameworks like ISO27001
* Basic knowledge of SABSA, TOGAF or COBIT

Desirable:
* Knowledge of PCI DSS and Swift
* CISSP and GIAC qualifications
* NIST

I lavori simili