The Managed Security Engineer role is part of the Network Operations Centre (NOC) and Cyber Security Operations Centre (CSOC) within the Managed Services Department of IT Lab. The candidate will be an active member within the NOC and CSOC using a variety of network and security platforms to meet the requirements of the business and its customers. This is a hands-on role and requires broad technical knowledge, skills and abilities of modern IT systems and infrastructure. It is advantageous to have a sound understanding and/or experience of Cyber Security methodologies, concepts and practices.
Duties and responsibilities:
Work within a multi-disciplined environment (NOC / CSOC) identifying, owning, progressing and resolving network and security incidents.
Perform prompt and effective incident triage and investigation applying sound problem-solving methods to determine scope, urgency, and potential business-impact.
Maintain and operate a wide variety of platforms and toolsets.
Work with internal and external stakeholders to resolve network and security incidents and vulnerability compliance.
Drive customer satisfaction and continuously seek to improve operational performance.
Collaborate with other teams to maintain standards and functionality.
Initiate, update, approve and maintain knowledge articles within the prescribed ITSM tool.
Ensure Service Level Agreements (“SLAs”) are met internally and per customer requirements.
Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities.
Provide technical support for the identification, triage and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
Required skills and capabilities:
The ideal candidate will have/be:
Excellent soft skills in the form of team working, problem solving and communication.
A keen self-starter who can evidence excellent customer service and can collaborate effectively.
A good understanding of process, change and problem management.
Demonstrable network security knowledge: IDS/IPS, firewalls, remote access, VPN, network monitoring, vulnerability scanning, anti-malware.
Good working knowledge of Windows and Linux OS, TCP/IP, DNS, HTTP(S), SNMP and server virtualisation (Hyper-V/VMware).
One or more of the following industry certifications:
CompTIA Security+, Network+, A+, Microsoft Certified Associate or higher, Cisco CCNA or above.
Solid working experience of a number of the products in the following technology stacks:
Networking and Firewalls – Cisco, Dell, Fortinet
Microsoft Servers 2012-2019
Cloud platforms – O365, Azure, AWS, Mimecast
RMM and Professional Monitoring toolsets
Data Protection | Backup solutions – Backup Exec, Veeam, Microsoft, DPM, Microsoft Azure Backup Server, Azure Site Recovery
Desired working experience:
Experience with a SIEM platform (Splunk, AlienVault, QRadar, LogRhythm)
Experience with Fortinet, Cisco Meraki, Switching (HP, Juniper), Firewalls (Cisco, Juniper, Palo Alto)
Experience in cloud architectures (Azure, AWS) and engineering solutions
An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS
Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security
Working hours will be 40 to 45 hours a week during standard business hours (Monday – Friday, rotational shifts between 7am – 7pm UK time)
Package depending on experience
22 days’ annual leave
Access to a medical aid and pension scheme
Rewarded for additional IT related study
Free breakfast daily, lunches paid for on Friday (and a whole array of other benefits!)
Working for an established London based employer with predominantly UK based clients