Senior Security Engineer - Outside IR35

Job Description

Senior Security Engineer - Outside IR35

Length of Project: 12 months rolling (Outside IR35)

Work Environment: Hybrid: 1 day a week in the London office

The Cyber Security unit is accountable and responsible for safeguarding the company's critical infrastructure, intellectual property and customer data, against evolving cyber threats, ensuring no interruption to their operations.

The main duties span cyber threat management, real-time attack detection and prevention and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, they leverage Cyber DevOps automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of the businesses Operational technology (OT), IT and digital infrastructure in the face of emerging challenges.

Key Competencies

• Significant experience of Cyber Security engineering and delivery with a broad understanding OT and IT services
• Subject matter expert on Cyber Security on protecting IT, OT, and IP networks, such as IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc.
• Privileged Access Management and related tools
• High level of expertise on Vulnerability and Compliance Management; DDOS protection
• Hands on experience on Cyber Security engineering and design of cloud solutions (such as AWS Azzure, etc), including open-source tools, DevOps and automation capabilities to enhance the cyber defence, (such as Zabbix, ELK, Grafana, Netbox, Netmiko, Ansible, Alienvault, OpenVas, etc.)
• Professional level knowledge in public clouds, such as AWS security services and architectures. Extensive knowledge of Private Clouds and related transferable skills are highly desirable.

Desirables but by no means essential

• Knowledge of policy frameworks and understanding of policies, procedures, guideline structure, and regulatory landscapes, such as, NERC CIP, NIST, NIS2, GDPR, EPCIP, etc.
• Virtualisation technology, including containerisation (eg. Docker, Kubernetes, Linux etc.)
• Host based security products (threat detection, mitigations, end user detection and response, micro segmentation, zero trust)
• Experience working within an ITIL environment, or a structured platform management, in particular change and incident management
• Professional certifications, e.g., CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc.

Key Accountabilities

• Support end-to-end cyber capabilities for the businesses operational technology (OT) and Information Technology (IT), as per Cyber goals and company's strategy
• Subject matter expert on Cyber Security
• Design security capabilities and tools for new infrastructure & digital deployments, and the existing ones
• Design and dynamically re-adjust the cyber capabilities based on cyber threat landscape
• Lead Cyber incident response, do post-incident-reviews (PIRs), route-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action plans
• Proactive capacity management of the cyber platforms, to ensure sufficient capacity is available at any time
• To design Cyber solutions that are well integrated with the IT and OT platforms
• Knowledge and experience of agile and DevOps methodologies
• To own development and implementation of policies and procedures, including operational cyber defence processes

If you would like to learn more about the contract, please apply and I will be in touch asap!

E: (url removed)

GCS is acting as an Employment Business in relation to this vacancy.