What are we about:
Our ambition is simple. To combine our global know-how with local insight to help our clients turn their business goals into reality. By offering innovation, automation and organizational design. All with a personal touch.
Where the strategic magic happens:
London is our base of operations. Here, we’ve created an international office with dozens of exceptional people. Over the years, we’ve worked hard to secure our place as leading advisors and business support consultants within our industries. We are incredibly proud of what we’ve achieved so far and plan to continue along the same path. Constantly learning, improving and growing to make sure we always create lasting value for our clients.
Create value and reimagine the technology that powers the categories we work in. Provide management and consulting teams that turn start-ups into medium-sized businesses and support them as they evolve.
As a Senior Security Engineer, you form part of a global team of Information Security specialists across the enterprise. You must possess a very strong understanding of security engineering and architecture principles and practices related to an online business, applying them pragmatically in order to strike a balance between protecting our business and our customers, while allowing the organisation to get on with doing what it does best.
The Senior Security Engineer has full responsibility for the architecture, engineering, management and day-to-day operations of the security systems that protect the organisation’s data and information technology assets. Responsibilities include:
- Providing engineering services to the Information Security Team. Including; proof of concept, design, deployment and maintenance of new technologies, developing research and concepts into operations-ready capability, and ensuring that security tools and functions are properly engineered and supportable.
- Design, implementation, operation and ongoing management of security systems that safeguard data and information assets for the enterprise to ensure solutions and controls are deployed to mitigate internal and external security threats.
As a senior technical expert, you must enjoy working hands-on, operating, designing and building innovative security solutions.
- Work within the Information Security team to formulate solutions and services that create and maintain appropriate security measures and capabilities to protect against unauthorised access to electronically stored and/or transmitted information, and to protect against anticipated and cutting edge threats and vulnerabilities
- Continually assessing potential information security risks and identifying a roadmap to improve the security posture of the organisation.
- Establish yourself as the Security Engineering SME for components of the Information Security Toolset
- Be an integral part of Security Engineering projects and solutions, including design, implementation, and on-going development of platforms such as SIEM, firewalls, IDS, Mobile Device Management, Enterprise Password Management and Endpoint Security solutions.
- Provide Security Engineering response to Production Incident and Problem investigations. Working with both technical and non-technical stakeholders.
- Research new security related technologies and advancement, and identify opportunities for continual improvement, providing recommendations for ongoing improvements to the organisation.
- Maintain detailed sets of documentation for all network and security systems.
Technical knowledge and experience:
- Strong technical experience within security engineering, with a focus on solution design and implementation
- Demonstrated experience with the management and development of data analysis platforms such as Splunk, ELK, LogRhythm from data ingestion, presentation, alerting and applications.
- Extensive experience and in-depth understanding of the design, deployment and support of security technologies, e.g. Suricata IDS, Vulnerability Management, Authentication and identity management, SIEM, MDM
- Enterprise usage of automation platforms such as ansible, puppet, Chef, Rudder etc.
- Experience with designing security solutions at scale for large enterprises or for multi-tenant service providers. Experience with service design, appraising the impact of new solutions and controls on operational teams who supporting these services.
- Optional / desired: Experience with Data Loss Prevention platforms, Cloud Security technologies, scripting (primarily Python) and Security Orchestration Automation and Response implementations.
- Familiarity with industry security configuration standards, such as NIST and CIS
- Must be an intelligent, articulate, consensus building individual who can serve as an effective member of the Information Security team and effectively communicate technical concepts.
- Ability to work closely with a Security Architect over a range of security domains to build, test, deploy and maintain solutions in alignment with organisational objectives.
- Must demonstrate the ability to maintain strict confidentiality of the company’s internal and personnel affairs.
- Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritising and time allocation in a high-pressure environment.
- Ability to manage technical and procedural transformation and adapt to a rapidly changing environment.
- Highly self-motivated and directed, and able to harness different skills and experience, and enjoy a strong sense of team spirit.
- Ability to work and communicate effectively in a global, multi-office, environment and willing to travel to overseas offices, as required.
- Able to build strong working relationships with remote colleagues across the Information Security, IT Operations and wider organisational teams and third party providers.
- Excellent verbal communication and documentation/technical writing skills in English.
Non-essential but an asset
- Degree in Computer Science or equivalent working experience preferred
- Security accreditation (such as GIAC GSEC, GCSA or GDSA)
- Vendor specific security certifications demonstrating a technical hands-on aptitude for the platform