Senior Security Engineer
Our Aberdeen based client are looking for a Senior Security Engineer. You will be responsible for the implementation, maintenance and management of corporate wide IT security services, initiatives, policies, and programs providing protecting to the company’s data network.
Additionally, they are responsible for the ensuring that all cloud platforms and services (such as Microsoft 365, Azure, AWS, or GCP) utilised across the company are secured in line company policies and best practice guidelines. You will cover all locations and cloud services globally for the provision of IT Security.
- Engineering, implementing, maintaining, and monitoring security measures for the protection of KCAD systems, networks, and data
- Identifying and defining system security requirements
- Prepare and document standard operating procedures and protocols
- Implementation of technologies and platforms to secure the corporate infrastructure
- Configure and troubleshoot security infrastructure devices, solutions, and services
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- End user engagement for the purposes of security education
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
- Participate in cyber incident response activities
- Perform changes in line with the corporate Change Management procedure.
- Participate in the on-call schedule for off-hours support.
- Mentor and educate IT staff on security principles and practices, operation, and configuration of corporate security systems
- Troubleshooting of issues relating to managed systems and services
- Stay current with technological advances
- Act as a security escalation point for on-call engineers.
Preferred knowledge may include, but is not limited to:
- Detailed technical knowledge of database, virtualisation, and operating system security
- Knowledge of security technologies including firewalls, intrusion detection systems, MFA, anti-virus software, IAM systems, content filtering, etc
- SIEM & log management technologies
- Knowledge of Cisco security products including ASA, Firepower, Umbrella, Secure Endpoint, CES, ISE, ThreatGrid, ThreatResponse, Duo, and Secure X
- Knowledge of operational technology environment security
- Qualys vulnerability scanning and remediation
- Working with tiered Active Directory model
- Awareness of NIST, ISF and ISO 25001 principals and frameworks
- Awareness of Privileged Access Management solutions
- Awareness of security awareness training platforms
- Understanding of the latest security principles, techniques, and protocols
- Familiarity with web related technologies and of network/web related protocols
- Programming principles, scripting, and DevOps
- BSc in relevant discipline
- Or relevant experience
- Demonstrable relevant experience and of a complex IT environment
- Previous security role experience
Email your CV below. All suitable candidates will be contacted to arrange an in-person or video meeting