CyberSecurity Engineer

Job Title: CyberSecurity Engineer
Location: Cardiff Bay, Wales
Salary: Up to £50k (dependent on experience)
Department: Information Security & Compliance
Reports To: Security Operations Manager


Reporting to the Head of Information Security, the Cyber Security Engineer will be responsible for implementing information security solutions and providing best practice guidance across all infrastructure and end-user services.

The Information Security team improves Creditsafe’s security posture through mitigating vulnerabilities, performing threat hunting, implementing security controls, and deploying solutions to provide defence in depth. This will be achieved through guidance from the Head of Information Security and Compliance and the Security Operations Manager, and through researching new tools and technologies, while promoting continuous improvement and best practice within the department. All new services will be transitioned to live operations with the relevant supporting documentation created by members of the Information Security team.

You will be working in a fast-paced Agile environment, and the role will require the ability to focus and refocus effort based on business and operational needs, managing several issues and projects at any one time.

The Information Security team will analyse, manage and remediate all security incidents across the Creditsafe estate with guidance and training provided to other members of the Technology Engineering department where appropriate.

Principal responsibilities:

Design, configure & implement monitoring of:

• SIEM solutions and integrations
• Antimalware and Antivirus
• Identifying OS and Application patching needs
• Application Security scanning
• Application validation and due diligence
• Red / Blue team exercises
• Infrastructure hardware, software and network security
• Cryptography

Defining security requirements for:

• End user device security applications
• Web Application Firewall rules

Hardening Standards for:

• Devices
• OS
• Servers
• Key applications
• Switches
• Firewalls
• Microsoft EMS
• SIEM solution monitoring
• Analysing and remediating security events
• Identifying security vulnerabilities and remediating them

Additional Responsibilities:

In addition to commissioning new services, the Information Security team will be a point of Tier 4 support for complex technical issues and root cause analysis of security incidents. There is also the opportunity to:

• Participate in a 24/7 on call rota as required
• Be part of migrations Active Directory / Office 365 / Patching / Capacity & Availability delivery

Please note that the responsibility lists detailed above are not exhaustive and the CyberSecurity Engineer may be requested to perform additional duties / take on additional responsibilities deemed as reasonable by their direct line manager.

Candidate Specification

I.T. Proficiency (Essential)

• Unified Security Incident and Event Management & Threat Intelligence solutions (e.g. Securonix, Sentinel)
• Experienced in scoping penetration tests, performing vulnerability analysis
• Application Security Remediation (e.g. CSP, HSTS, WAF rules)
• Email security Remediation (e.g. SPF, DKIM, DMARC)
• Security scanning tools (e.g. Rapid7, SonarQube, WhiteSource, Kali, Varonis)
• Security Patch management (e.g. WSUS, 3rd party patch management tools)
• Managing enterprise security solutions (e.g. AV / DLP / IDS / IPS / IAM)
• Windows Server – 2008 (R2), 2012 (R2), 2016, 2019
• Linux (CentOS / Ubuntu)
• Commercial experience of AWS / Azure environments
• General networking skills (DNS, DHCP, TCP/IP, Firewalls)
• VMware 7.x
• Managing workloads through a workload management toolset

I.T. Proficiency (Desirable)

• Experience of working with Developers on secure coding approaches
• Experience of supporting Citrix XenApp and MS Windows desktop environments
• Microsoft Exchange 2019 and Exchange Online
• Office 365
• Shared storage (e.g. Dell EqualLogic / Compellent)
• Veeam Backup and replication services
• Experience of monitoring tools such as SolarWinds Orion, CloudWatch, Site24x7
• Information Security Certification (CompTIA Security+, CompTIA CyberSecurity Analyst+, AWS Certified Security – Specialty)