IT Security Specialist focusing on cyber defense within a family - owned company. Responsibilities include managing firewalls, monitoring threats, and implementing security solutions.
About the role
- Offensive Security Specialist at Bupa testing and analyzing security controls across IT infrastructures. Collaborating with teams and utilizing threat intelligence to enhance security posture.
Responsibilities
- Reviewing and analysing findings from multiple data sources to assess their impact and determine remediation priorities.
- Developing remediation plans for high-priority vulnerabilities, using your offensive security expertise to identify potential attack paths.
- Collaborating across teams to disrupt those paths effectively, leveraging both your technical knowledge and that of others.
- Influencing stakeholders including technology owners and remediation teams to commit to and implement remediation strategies.
- Perform risk analysis on test data to ensure the most critical issues are addressed first, aligning with frameworks like MITRE ATT&CK and the Unified Kill Chain.
- Use threat intelligence to guide future assessments, ensuring testing is relevant to current controls and risks.
- Utilise BAS platforms and engage in continuous self-learning through provided resources to maintain your credibility and expertise.
- Partner with internal and external SMEs across Security Operations, Engineering, Threat Intelligence, and Vulnerability Management to design effective solutions.
- Mentor and guide colleagues, sharing knowledge and influencing others to resolve identified weaknesses.
- Lead small projects, ensuring timely and accurate implementation of solutions, and design unbiased methods to validate their effectiveness.
- Challenge and improve existing processes, contributing to documentation and reporting using tools like Kibana, Lucene, and Python.
- Communicate technical findings clearly to Risk teams and other stakeholders, ensuring risks are well understood and documented.
Requirements
- Experience within any of the following IT Security disciplines: Security Operations, Red teaming, Penetration Testing, Security Engineering.
- Along with expert knowledge of various enterprise technologies/infrastructure including network architectures, operating systems and security controls.
- Confident in their technical expertise and can present themselves as a technically competent SME.
- Exposure to Security Monitoring and Security Control technologies
- Exposure to Threat Intelligence sources
- Good experience of typical enterprise security services including but not limited to: Threat Intelligence Penetration testing Anti-malware Email/SPAM management Authentication mechanisms SIEM WAF Firewalls Proxy technologies IDS/IPS DLP
- Has a track record of technical delivery within a fast paced & pressured environment.
- Engages key stakeholders well
- Effective communicator 'not afraid to ask' mentality.
Benefits
- 25 days holiday, increasing through length of service, with option to buy or sell
- Bupa health insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Junior Information Systems Security Engineer at AMERICAN SYSTEMS managing DoD cyber security. Collaborating on technical issues and supporting risk management framework compliance.
Information Systems Security Engineer assisting in cyber security requirements for DoD systems. Collaborating closely with customers and ensuring compliance with the DoD Risk Management Framework.
Staff Product Security Engineer driving security innovation while ensuring compliance with federal standards at DataRobot. Leading security engineering, automation, and customer engagement for federal customers.
Auszubildende(n) zur Fachkraft für Schutz und Sicherheit in Hamburg bei proSicherheit GmbH. Modernes Sicherheitsunternehmen mit Fokus auf Sicherheit und Vertrauensaufbau.
Security staff for proSicherheit performing access controls and ensuring compliance with safety standards. Involves reporting, patrolling, and handling emergencies in Hamburg area.
Cyber Security Engineer responsible for DevSecOps and security automation at a leading Swiss IT consulting firm. Engaging in security measures across industries with a focus on collaboration and technology.
Cloud Security Architect responsible for strategic growth and development of Cloud Security solutions. Work with national clients on architecture and security concepts in Switzerland.
Information Security Manager coordinates ISMS development and security measures for Megamaris GmbH. Responsible for risk analysis and security training across 12 subsidiaries.
Security GRC Manager managing audits and compliance programs at Salesforce. Overseeing cloud security compliance and collaborating across departments for risk management.