Senior IT Security Engineer
Remote with 1-2 days in London per quarter as needed. 6-12 month Fixed Term Contract.
Experienced IT Security Engineer required to bolster the Info Sec team, specifically to translate risks and threats into clear guidance of what that means to the Infrastructure, Technical Delivery and Application teams, in terms of impact and required action, with a practical and hands on approach to the delivery of the same.
This role will make a big impact on improved security posture and maturing the security skills of the team and technical environment. Must be a willing coach, able to share knowledge and expertise and influence and guide teams, with a desire to get hands dirty to deliver and drive security initiatives.
Key responsibility areas:
Network Security:
- Network Access Control (NAC) Implementation: Design, implement, and maintain a NAC solution to prevent unauthorized devices from accessing the corporate network.
- Firewall Rule Review and Optimization: Review and strengthen existing firewall rules to enhance network security.
- Web Gateway Upgrade: Implement a TLS inspecting web gateway to monitor encrypted traffic and prevent potential threats.
Data Exfiltration:
- Investigate Data Exfiltration Methods: Analyze potential methods employees might use to exfiltrate data.
- Removable Media Control Implementation: Design and implement a solution to restrict removable media access based on job roles.
Endpoint Security:
- Evaluate User Access Permissions: Review and potentially limit access to administrative tools like PowerShell and CMD, based on a least privilege principle.
Zero Trust Security Framework:
- Zero Trust Investigation and Roadmap Definition: Research and develop a roadmap for implementing a Zero Trust security model.
Other
- Contribute to Cyber Essentials + and ISO27001 strategy
- Ensuring policies, activities and standards are up-to-date, fit for purpose, in line with appropriate standards, certifications, best practice and legislation.
- Ensuring policies, standards and technology controls are implemented and maintained.
- Acting as a central point of contact / escalation for incident, compliance, data protection and information security queries or issues.
About You
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Minimum of 5 years experience in a Security Engineering role.
- Strong understanding of security principles and methodologies (e.g., NIST Cybersecurity Framework, CIS Controls).
- Experience with network security tools (NAC, firewalls) and web security solutions (TLS inspection).
- Experience with endpoint security and access control measures.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Ability to work independently and as part of a team.
Please apply today for immediate CV review.
Kinetech is acting as a recruiter in relation to this vacancy. Please see our website and data privacy policy for more information on how we handle your data.