Senior Security Engineer (Aberdeen) - Hybrid Working (Office/Home)

Excellent Salary & Benefits Package - IT Security - IT
Ref: 182 Date Posted: Friday 16 Sep 2022
LinkedIn ShareShare

Senior Security Engineer

Our Aberdeen based client are looking for a Senior Security Engineer. You will be responsible for the implementation, maintenance and management of corporate wide IT security services, initiatives, policies, and programs providing protecting to the company’s data network. This is a hybrid working position where you will be expected to be in the office 1-2 days per week.

Additionally, they are responsible for the ensuring that all cloud platforms and services (such as Microsoft 365, Azure, AWS, or GCP) utilised across the company are secured in line company policies and best practice guidelines. You will cover all locations and cloud services globally for the provision of IT Security.

Principal Accountabilities

  • Engineering, implementing, maintaining, and monitoring security measures for the protection of KCAD systems, networks, and data
  • Identifying and defining system security requirements
  • Prepare and document standard operating procedures and protocols
  • Implementation of technologies and platforms to secure the corporate infrastructure
  • Configure and troubleshoot security infrastructure devices, solutions, and services
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
  • End user engagement for the purposes of security education
  • Ensure that the company knows as much as possible, as quickly as possible about security incidents
  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
  • Participate in cyber incident response activities
  • Perform changes in line with the corporate Change Management procedure.
  • Participate in the on-call schedule for off-hours support.
  • Mentor and educate IT staff on security principles and practices, operation, and configuration of corporate security systems
  • Troubleshooting of issues relating to managed systems and services
  • Stay current with technological advances
  • Act as a security escalation point for on-call engineers.

Preferred knowledge may include, but is not limited to:

  • Detailed technical knowledge of database, virtualisation, and operating system security
  • Knowledge of security technologies including firewalls, intrusion detection systems, MFA, anti-virus software, IAM systems, content filtering, etc
  • SIEM & log management technologies
  • Knowledge of Cisco security products including ASA, Firepower, Umbrella, Secure Endpoint, CES, ISE, ThreatGrid, ThreatResponse, Duo, and Secure X
  • Knowledge of operational technology environment security
  • Qualys vulnerability scanning and remediation
  • Working with tiered Active Directory model
  • Experience of working with NIST, ISF and ISO 25001 principals and frameworks
  • Experience of working with Privileged Access Management solutions
  • Experience of working with security awareness training platforms
  • Understanding of the latest security principles, techniques, and protocols
  • Familiarity with web related technologies and of network/web related protocols
  • Programming principles, scripting, and DevOps
  • Knowledge of security assessment tools (commercial, free/shareware)

Qualifications:

  • BSc in Computer Science and Security Focussed qualification
  • Or relevant experience

Experience:

  • Demonstrable relevant security experience of a complex IT environment

Email your CV to nat@mcnallyrecruitment.com. All suitable candidates will be contacted to arrange an in-person or video meeting.