Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35.
London based Insurance company are recruiting for Security Engineers to join the team foe an initial 12 month contract OUTSIDE IR35.
- Taking responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme.
- Identify areas of cyber security improvement to ensure cyber security and data security by design controls are adopted globally as outlines in the Howden Security and Configuration Standards Document (HSCSD)
- Support Data Loss Prevention (DLP) solutions that protect corporate data seamlessly across platforms, devices and environments globally.
- Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally.
- You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks for off the network countries.
- Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure.
- Firewall management
- Web Proxy management and CASB.
- Anti-Virus/Malware management
- Standard, third party and privilege access user management
- Remediation of external, internal vulnerabilities, web application scanning and patch compliance.
- Representing IT security at the Change Authority Board, Architecture Review Board and Data Privacy Working Group.
- Managing the security, RFC, ERFC and DDQ's queue in ServiceNow (dealing with suspicious emails, phishing, proxy and access request etc.)
- Monitoring and managing responses to the Cyber incidents, Security DL (which is mainly the above suspicious emails).
- Organise monthly Security Operations Meeting, Application and Information Security Forum
- All activities and findings must be recorded and stored as this will be used as evidence during COBIT 5, PCI DSS and Security review, internal and external audits.
Required Skills
- Good knowledge of Information Security Management System (Infrastructure Security Operations).
- Good knowledge of Azure cloud infrastructure and configuration.
- Good knowledge in System Centre Configuration Manager, Operations Manager and Virtual Machine Manager.
- Good knowledge of Microsoft Exchange online
- Good knowledge of Azure and on-premises Active Directory
- Good knowledge of Cyber Incident Management and or Security Forensic experience.
- Good knowledge of Windows Server and Linux
- Good knowledge in network (WAN, Wi-Fi) and Network Access Control (NAC) management
- Good knowledge in cloud email security gateway services
- Good knowledge server hardware including and CIS controls.
- Good knowledge of security monitoring, orchestrator and SEIM tools
- Good Knowledge of next-gen application firewalls, anti-malware, cloud proxies and CASB
Required Experience
- Experience in Azure cloud and identity management solutions.
- Specific focus on network equipment.
- Palo Alto Firewall, Imperva WAF and NAC experience
- Netskope proxy and CASB experience
- Microsoft Defender and Crowdstrike experience
- Azure Entra ID and DUO SSO & MFA gateway
- Data loss prevention tools experience
- Azure security centre and Wiz io experience
- Cymulate and Ping Castel experience
- SCCM or enterprise patch management tools
- TenableOne or enterprise vulnerability management tools
- Sound knowledge of industry best practices such as OWASP, Cyber security framework and NCSC guidance
Security legislation and regulatory frameworks exposure and awareness
- FCA or equivalent
- GDPR - General Data Protection Regulation
- PCI DSS - Payment Card Industry Data Security Standard
- COBIT 5 - Control Objectives for Information and related Technology
- ISO 27001 - Information Security Management System (ISMS)
- CIS - Center of Internet Security (Cyber security best Practices)
Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35.