Security Operations Engineer (Edinburgh/hybrid)
Head Resourcing are delighted to be working closely with a globally recognised financial services company to grow their current Security team with 2 additional Security Engineers.
You will be working alongside a talented and ambitious team within the Security, Resilience and Protection department.
This Security Operations Engineer role is an integral part of the team, responsible for the support and optimisation of the Security Operation platform. With several innovative projects, designing security controls and delivering emerging security technologies, this role will offer plenty to keep your attention.
I am looking for commercially experienced individuals who are enthusiastic about Security and able to help deliver improvements across a number of cyber security domains including Security Data and Analytics, Security Automation, Incident Response and Threat Detection.
The successful applicant will work closely with the SOC and other security functions, alongside a 3rd party security supplier and global IT and business teams across the company.
As a part of the Cyber Security Operations team, this role will support:
- Security Platform Optimisation, covering endpoint, network, cloud and logging technologies.
- Security Orchestration Automation and Response, building security automation playbooks and integrations.
- Security Data & Analytics, onboarding data and developing detection logic and analytics.
- SOC Architecture, developing interface definitions and security guidelines.
- Incident response, as part of the Cyber Security Incident Response Team for cyber incidents.
What we are looking for:
- Proven experience in cyber security
- Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV
- Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience
- Experience working in a hybrid (on-prem/multi-cloud) environment. Azure or AWS certifications a plus
- Knowledge of one or more scripting languages with experience in developing automation playbooks, scripts that interact with APIs and parsers for data engines.
- Understanding of microservices architecture, Kubernetes, Containers, CI/CD pipelines and DevSecOps
- Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
For further information, please send a copy of your CV.