IT Security Engineer
Summary: IT Security Engineers at White Clarke Group are responsible for administration, building and maintaining IT security solutions for the company in line with our information security standards and best practices
Description of the role
- Administration, building and maintaining IT technical security solutions.
- Reviewing and assessing information security events and logs; investigating and resolving any security events as they arise.
- Ensuring compliance requirements such as GDPR, PCI-DSS, SSAE-18 are met.
- Monitoring and administering the various security tools of the company estate.
- Implementation of new security technology.
- Regularly audit servers, network equipment, physical environments, products, applications, systems, directory services, procedures and end-user devices.
- Carry out network, systems and infrastructure security/vulnerability tests, analysing the outcomes and make recommendations for security improvements.
- Configuring and installing firewalls, intrusion detection and SIEM systems.
- Developing automation scripts to handle and track incidents.
- Investigating intrusion incidents, conduct forensic investigations and mount incident responses.
- Testing security solutions using industry-standard analysis criteria.
- Collaborating with colleagues on authentication, authorization and encryption solutions.
- Evaluating new technologies and processes that enhance security capabilities.
- Performing vulnerability testing, risk analyses and security assessments.
- Changes in software, hardware, facilities, telecommunications and user needs in line with the defined change management process
- Defining, implement and maintain corporate security policies.
- Analysing and advise on new security technologies and program conformance.
- Recommending modifications in legal, technical and regulatory areas that affect IT security.
Requirements of the role
- Understanding of security tools – IDS/IPS, patching, vulnerability management, SIEM, penetration test and remediation.
- Firewall and intrusion detection/prevention protocols and SIEM solutions.
- Secure coding practices, ethical hacking and threat modelling.
- Client and server IT infrastructure and software operations.
- Experienced with 3-tiered architecture.
- Knowledge of information security frameworks – for example, ISO-27001, OWASP or SANS-20.
- Experience with *Nix operating systems.
- Windows, UNIX and Linux operating systems.
- Virtualization technologies.
- Oracle/SQL database platforms.
- Identity and access management principles.
- Application security and encryption technologies.
- Secure network architectures.
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods.
- Network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.).
- Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication.
- ITIL V3 Foundation is Desirable.
- Scripting experience.
- Amazon AWS.
- CEH: Certified Ethical Hacker.
- CCNP Security: Cisco Certified Network Professional Security.
- GSEC / GCIH / GCIA: GIAC Type Security Certifications.
- CISSP: Certified Information Systems Security Professional.
White Clarke Group are committed to welcoming people with disabilities with respect to recruitment, employment, training, career development and career progression and welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process.
- Competitive CTC and benefits package.
- Outstanding career and development prospects
- Support with professional certifications.
- Flexible working.
- Health Insurance.
- Death in service benefit.
- 15 days holiday that increases with length of service
- Option to buy more holiday.
- Generous Employee Referral Scheme.
- Various companywide social events.
- Provident Scheme.