Information Security Engineering Lead

Information Security Engineering Lead

Description

The Security Engineering Lead is responsible for leading the Security Engineering team.  The team sits within the Advanced Threat Engineering operation which forms part of the wider Information Security Operations team (SOC (Security Operations Centre), Incident Response, Forensics, and Threat Intelligence). 

The Security Engineering team is responsible for delivering and operating the security tools, ensuring their availability and that they are configured to protecting the business and detect attackers.  The teams are threat led and focused on continuous improvement to ensure that the security tools remain effective with both the ever-changing threat landscape and the evolving needs of the business.  The team also plays an active part in the Incident Response process.

As the Lead you will be responsible for co-ordinating the efforts of the Engineers to ensure effective monitoring takes place; offering technical guidance and support; reviewing and improving changes and processes; and contributing to the strategy for the Advanced Threat Engineering operation; and management of the team.

The role would suit someone who has worked with a diverse set of IT/security products and across a large on-premise infrastructure managed in house and the successful person will have a strong technical background and at least 2 years’ management experience and be able to evidence good coaching and leadership practices.

Responsibilities

The Information Security Engineering Lead will:

• Oversee the day to day support and maintenance of Security tooling
• Take a threat led approach to generate mitigation and countermeasures
• Maximising security value from existing investments
• Encourage the use of automation to allow task to be completed more efficiently
• Understand the key risks the organisation faces, and the key tactics, techniques and procedures that likely threat actors will exploit and to create control boundaries to intersect these domains
• Manage a team of Security Engineers and provide coaching and guidance to meet the desired risk reduction
• Take part in post incident reviews and propose engineering resolution to improve results in any future recurrence
• Champion best practice methods for web application hosting and protection, endpoint management and software defined protection
• Project future capacity for security products and supporting infrastructure
• Recognise that telemetry for security products will increasingly be curated in the cloud and will be prepared to develop API endpoints and connections to collect and collate this knowledge
• Understand and develop security configurations for micro services, serverless computing and software as a service security solutions.
• Work collaboratively with Security Architecture and Information Technology to ensure that any existing constraints are overcome within forward looking plans
• Work with the third-party suppliers of the Security Products
• Participate in the Information Security On-Call rota.

Essential Experience / Skills

• 4 years technical experience in either Security Engineering or IT Infrastructure / Operations.
• 2 years management experience.
• In-depth experience in at least one of the following areas with a working knowledge of the remaining areas:
  • Internet Filtering
  • Email Filtering
  • EndPoint Detection and Response
  • Host Based Firewalling, HIDS/HIPS
  • Antimalware
• The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture.
• Excellent communication skills as the ability to communicate effectively, constructively, confidently and professionally is key to the success in the role as is the ability to work with IT and Information Security teams and the wider business.
• An excellent knowledge of Information Security principles and an understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Keen attention to detail and excellent analytical skills.
• Ability to actively manage workloads to meet business and department requirements.
• Understanding of enterprise grade technical security controls and defence in depth practices.

Desirable Skills

• One or more technical Information Security Certifications such as:
  • (ISC)² CISSP
  • CompTIA: Security+, CASP+
  • GIAC Certification: GSEC, GCED, GDAT
• Degree in an Information Security / Computing discipline
• Familiarity with at least one cloud platform such as Microsoft Azure, Amazon AWS or Google GCP.
• Familiarity with a programming or scripting language.
• Familiarity with regex / regular expressions
• A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures would be of significant advantage.

About Admiral

We're Wales’ only FTSE 100 company. We have forward-thinking approaches and provide endless opportunities to test, learn and grow. There's a reason we've been named a Best Place to Work: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued.

Admiral has grown from being a small start-up into a multi-national organisation. The company is constantly investigating new products, services and markets and is now present in eight countries with a diverse product portfolio.

Our success goes hand-in-hand with having a strong culture where we put our people and customers first. Our philosophy is simple yet effective: people who like what they do, do it better, and this, in turn, means that our customers receive the level of service and products that they deserve. Our culture is honest, open and wholeheartedly focused on four key areas:

Communication, Equality, Reward & Recognition, and Fun.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 1 in the 2019 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

You can also view some of our other key benefits here; https://admiraljobs.co.uk/employee-benefits/.

If you think this role is for you and would like to be considered for this opportunity, please click “apply now” to complete an online application form.

Please note, we are unable to accept CVs via email and from agencies. 

#LI-LP1