Security Engineer - Berkshire - 100K


Premium Job From BCT Resourcing

Recruiter

BCT Resourcing

Listed on

14th October 2019

Location

Bracknell

Salary/Rate

£85000 - £100000

Type

Permanent

Start Date

2019-10-10

This job has now expired please search on the home page to find live IT Jobs.

The Senior Security Engineer is a technical security role which sits within the Global IT Operations team. Youll be responsible for security incident response activities, working with IT colleagues to record and report incidents and work with incidents from inception to remediation. You will be required to review changes, handle escalated tickets and major security incidents referred by the IT Team or discovered by our security systems.

WHAT YOULL DO:

* Monitor, detect and analyze threats in various notification platforms, respond and resolve incidents in maximum 4 hours. Drive lessons learned and process documentation to continue to reduce MTTR by 20% in the first 12 months

* Ensuring Euronet Security Standard yearly targets are met and work with the SSO to identify the required action plan

* Maintain 100% compliance with the external regulations (e.g. PCI DSS, PSD2, Swift, GDPR) including working with external auditors to ensure controls are met and all security recommendations are implemented within the required time

* Ensuring Euronet Security Standard yearly targets are met and work with the SSO to identify the required action plan

* Conduct a minimum of quarterly validation of security implementations and compliance including regulatory requirements

* Maintain required security documentation including policies, procedures and guides and be the liaison with the internal and external audit teams

* Assess and score security implementation and produce compliance reports (minimum quarterly basis) and provide security compliance-related recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain)

* Responsible for ensuring all security systems (e.g. AV, internal scans, proxies, Network security devices etc.) and processes are robust and functional and are continuously improving evidenced by valid licenses, signatures are being updated automatically, logs, events and alerts are being sent, there are backups in place, access control is managed with 2FA and AD syncrhonication with auditing enabled and these systems cover at least 95% of assets all the time

* Responsible for ensuring the operational integrity of the system with regards to user access processes to key services (cloud and on-premise) and providing expertise to IT teams when needed

* Evaluate and provide security recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain)

Be an integral part of all key security infrastructure, network, software and systems design teams to ensure systems are built with security principles

* Work with various stakeholders in different teams to establish relationships in order to drive various security projects

* Maintain and spread awareness of the security compliance landscape relevant to our environment to make users more security-cautious

WHO YOU ARE:

Essential:

* Working knowledge of host and network hardening techniques

* Detailed understanding of tools and techniques used by ethical hackers, including vulnerability testing tools and Penetration testing methodologies

* Experience with multi-tier web applications, relational databases and firewalls

* High level understanding of a wide range of security products such as; IDS/IPS, DLP, cloud security solutions, FIM, proxy servers and AV etc.

* Knowledge of GDPR and PSD2 requirements, Rep1028 and frameworks like ISO27001

* Basic knowledge of SABSA, TOGAF or COBIT

Desirable:

* Knowledge of PCI DSS and Swift

* CISSP and GIAC qualifications

* NIST

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: