Cyber Security Engineer

The Security Engineers are responsible for implementing, configuring, and evolving the security technology portfolio. 

The Security Engineering team forms part of the Information Security Operations team.  This is a proactive role, and the successful candidate will have strong analytical and troubleshooting skills and a desire to learn new technologies.

The role would suit someone who has worked with a diverse set of IT/security products and has demonstratable experience securing cloud technologies.

Main Duties:

• Day to day support and maintenance of Security tooling.
• Take a threat led approach to generating mitigation and countermeasures.
• Be responsible for maximising the value and effectiveness of our information security tools and technologies. Evaluate, implement, and optimise security solutions to protect our organisation's digital assets. Work closely with other teams to ensure that security tools are properly integrated and aligned with our overall security strategy. Identify gaps, recommend improvements, and ensure that our security measures are both robust and cost-effective. Stay abreast of the latest security trends and technologies to continuously enhance our security posture.
• Understand the key risks the organisation faces, the key tactics techniques and procedures that likely threat actors will exploit and create control boundaries to intersect these domains.
• Work collaboratively with wider Information Security team.  This would include working with: The Incident Response team, assisting with incidents and enhancing Incident Response tooling; Security Architecture to ensure that any existing constraints are overcome within forward looking plans; and with the Security Consultants to provide additional technical knowledge.
• Actively participate in the Security Operation Centre (SOC) activities.  Responsibilities may include monitoring security events, analysing potential threats, and responding to security incidents promptly. You may be required to assist the SOC by identifying vulnerabilities, managing security tools, and implementing protective measures.
• Take part in post incident reviews and propose engineering resolution to improve results in any future recurrence.
• to work collaboratively with the development and Cloud Platform teams to enhance security in all aspects of the application development lifecycle
• to work alongside Security Architects & Risk Consultants to define and improve the Cloud Security process and tooling
• Champion best practice methods for web application hosting and protection, endpoint management and software defined protection.
• Monitor the capacity of security tooling & supporting infrastructure and project future capacity for security products.
• Recognise that telemetry for security products will increasingly be curated in the cloud and be prepared to develop API endpoints and connections to collect and collate this knowledge.
• Understand and develop security configurations for micro services, serverless computing and software as a service security solutions.
• Work with third-party suppliers of the Security Products.
• Participate in the Information Security On-Call rota (optional).

Essential Experience:

• Proven experience of supporting IT/Security infrastructure
• Strong technical background is required with knowledge of managing, supporting, and creating policy for at least two of the following areas:
  • Internet Filtering
  • Email Filtering
  • EndPoint Detection and Response
  • Host Based Firewalling, HIDS/HIPS
  • Antimalware
• Cloud Security Tools (e.g. Google Cloud Command Security Center, Azure Security Centre)
• The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture.
• Excellent communication skills as the ability to communicate effectively, constructively, confidently, and professionally is key to the success in the role as is the ability to work with IT and Information Security teams and the wider business.
• An excellent knowledge of Information Security principles and an understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Keen attention to detail and excellent analytical skills.
• Ability to actively manage workloads to meet business and department requirements.

Desirable Experience:

• One or more technical Information Security Certifications such as:
  • CompTIA: Security+
  • GIAC Certification: GCWN, GSEC
• Degree in an Information Security / Computing discipline.
• Experience in ITIL concepts.
• Experience working within in an Agile framework.
• Experience with a least 1 of the main cloud vendors (Amazon Web Services, Azure, Google Cloud Platform).
• Experience of DevOps tooling (Git, CI/CD, Terraform, Ansible).
• Experience of Docker and Kubernetes.
• Familiarity with a programming or scripting language.
• Familiarity with regex / regular expressions.
• A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures would be of significant advantage.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we’re consistently voted one of the Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

All colleagues will receive 33 days holiday (including banks holidays) when they join us, and this will increase with length of service, up to a maximum of 38 days (including banks holidays). You also have the option to buy or sell up to five days of annual leave in addition to your allocation.

You can also view some of our other key benefits here.

#LI-KG1