McCabe & Barton are currently working with an established Asset Management firm looking for a Security Engineer to join their Global Technology Department. This role offers a great benefits package and hybrid working model, as well as the opportunity for professional growth and further specialisation in a specific area within Security.
The main function of this role will focus on supporting the IT Security technologies and processes. Ensuring that all alerts and events are correctly followed up and investigated as well as liaise with other IT teams and related departments to ensure incident playbooks are followed.
You will be responsible for developing, monitoring, evaluating, and maintaining systems and procedures to protect the confidentiality, integrity and availability of information systems. This position evaluates existing data security procedures and identifies new areas of risk as well as reviewing new security applications. This is a technical position that requires knowledge of security industry standards, incident response handling, provide technical security recommendations and/or solutions around systems and networks, and have a solid grasp of overall IT architecture.
Duties and responsibilities
- Maintain the Data Loss Prevention (DLP) technologies and processes.
- Perform security incident investigations including chain of custody, containment measures, root cause analysis, and identification of preventive measures
- Assist with the implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
- Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorised modification, destruction, or disclosure of information
- Perform risk assessments and execute system tests to ensure the proper functioning of data processing activities and security measures
- Verifies security controls in new and existing computer systems conform to security policies and guidelines.
- Identify potential security risks, and document remediation options or mitigating controls.
- Assist in integrating regulatory compliance requirements (e.g., SOX, GLBA) into the organizational security roadmap
- Participate in the Information Security on-call rotation
- Carry out additional duties as assigned
Skills and qualifications requirements:
- A Bachelor’s Degree in Computer Science and/or related field preferred.
- Security-related certifications preferred (Security+, CEH, CISSP, OSCP, etc.).
- 3+ years of experience in information security.
- Experience in supporting data loss prevention technologies and processes.
- Experience in cyber incident response handling procedures and forensic investigation tools.
- Proficient in the security of Windows and UNIX (security access rights, configuration best practices, and potential vulnerabilities).
- Intermediate knowledge of the OSI model and security that is associated with each layer.
- Intermediate knowledge of wide area network security as it pertains to networking protocols and connectivity to/from outside resources (switches, routers, firewalls, VPNs, encryption, and authentication methods).
- Experience with modern scripting languages.