Senior Security Engineer

The Senior Cyber Engineer will have a passion for cyber security along with a desire to relentlessly champion best practices. The role is responsible for implementing, configuring, and guiding the evolution of the security technology portfolio. The Cyber Engineering team sits within the Information Security Operations team. This is a proactive role, and the successful candidate will have strong analytical and troubleshooting skills and a desire to learn new technologies.

Main Duties

The Senior Cyber Engineer will:

• Manage technical escalations to a successful resolution.
• Raise awareness of security policies and develop corresponding procedures.
• Analyse business needs, research, and recommends solutions, drive adoption of the best ones.
• Take a threat led approach to generating mitigation and countermeasures.
• Identify and lead maximising security value from existing investments.
• Understand the key risks the organisation faces, the key tactics techniques and procedures that likely threat actors will exploit and create control boundaries to intersect these domains.
• Work collaboratively with the wider Information Security team. This would include working with: The Incident Response team, assisting with incidents and enhancing Incident Response tooling; Security Architecture to ensure that any existing constraints are overcome within forward looking plans; and with the Security Risk Consultants to provide additional technical knowledge.
• Take a leading role in post incident reviews and propose engineering resolutions to improve results in any future recurrence.
• Champion best practice methods for web application hosting and protection, endpoint management and software defined protection.
• Design, produce and continually improve Management reporting.
• Monitor the capacity of security tooling & supporting infrastructure and project future capacity for security products.
• Recognise that telemetry for security products will increasingly be curated in the cloud and be prepared to develop API endpoints and connections to collect and collate this knowledge.
• Establish and manage relations with vendors and related equipment suppliers.
• Participate in the Information Security On-Call rota
• Triage security issues and provide recommended fixes.
• This position is an active member of the business Change Advisory Board

Essential Experience

• 8+ years of IT experience including at least 4 years in a cyber security role delivering security solutions.
• Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
• Strong technical background is required with knowledge of managing, supporting, and creating policy for at one or more of the following areas:
  • Internet Filtering
  • Email Filtering
  • Endpoint Detection and Response
  • Host Based Firewalling, HIDS/HIPS
  • Antimalware
• The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture.
• Excellent communication skills as the ability to communicate effectively, constructively, confidently, and professionally is key to the success in the role as is the ability to work with IT and Information Security teams and the wider business.
• An excellent knowledge of Information Security principles and an understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Keen attention to detail and excellent analytical skills.
• Ability to actively manage workloads to meet business and department requirements.
• Strong process-oriented individual with experience in ITIL concepts.

Desirable Experience

• One or more technical Information Security Certifications such as:
  • CISSP
  • CompTIA: Security+
• Degree in an Information Security / Computing discipline.
• Familiarity with a programming or scripting language.
• Familiarity with regex / regular expressions.
• Experience working within in an Agile framework Experience with a least 1 of the main cloud vendors (Amazon Web Services, Azure, Google Cloud Platform).
• Experience with a SIEM such as Microsoft Sentinel and/or Google SecOps.
• Experience of logging, monitoring, ingestion, and parsing.
•  A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures would be of significant advantage.

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.

Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

#LI-KG1