IO Associates are helping one of Europe's leading tech firms recruit a Security Engineer (SecOps) for their office in Bristol. You will be responsible for analysing and correlating logs and alerts, determining whether those events constitute security incidents, and mitigating them where appropriate. This is a permanent opportunity.
Headlines
Role: Security Engineer (SecOps)
Salary: £50,000 - £60,000 + Fantastic Benefits
Location: Bristol
Responsibilities
● Improve the company's Splunk implementation: onboard and normalise log sources, improve log analysis and correlation, and build dashboards that show alerting and overall security posture.
● Monitor security tools and initiate escalation/mitigation procedures to counteract potential threats and vulnerabilities.
● Provide incident remediation and prevention documentation.
● Provide security expertise during incident responses.
● Document and conform to processes related to security monitoring.
● Review threat activity and create automated detection logic (correlation searches and alerts).
● Review threat coverage and provide suggestions as needed to increase coverage.
● Provide expertise for new threat scenarios.
● Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SecOps functions.
Experience
● Splunk expertise is critical, ideally including experience onboarding logs, building detection rules and creating dashboards.
● Understanding of Linux systems administration and working with Bash.
● Understanding of Windows and/or Linux logging and auditing capabilities.
● Experience with configuration and troubleshooting of network switches, routers, and firewalls.
● Understanding of networking including TCP/IP.
● Experience with network monitoring and packet analysis tools.
● Understanding of HTTP, SSL/TLS, SOAP, and reverse proxies.
● Understanding of cloud environments and infrastructure (AWS, Azure, Google Cloud, etc.).
● Experience using security tools, e.g. SIEM, IDS/IPS, WAF, etc.
● Understanding of the Top 20 Critical Security Controls for Effective Cyber Defense (the CIS Controls).
● Understanding of the OWASP Top 10.
● Experience with vulnerability scanning and reconnaissance methods.
● Understanding of the six phases of incident handling (Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned).
Please get in contact for further details at this exciting organisation.