Security, Technology and Change
£55,000 to £60,000 Per Annum
Bonus + Pension + Excellent Benefits
An expanding, prestigious London Market insurance business has a fantastic opportunity for a cyber security incident response engineer to work within their global security team.
Primarily, this role will be structured with a dotted line into the security incident response manager based in New York, for task management and day-to-day activities. This will give the benefit of working within a different time zone, seeing and responding to global incidents as soon as possible.
Local solid line management will be to London-based security management within the London-based IT team.
- Carrying out daily monitoring and response security procedures
- Monitor IT Systems, Security alerting queues, and review daily reports
- Perform initial incident assessment, evidence gathering, and triage
- Escalate incidents, and participate in remediation efforts
- Provide feedback and recommendations for improvement of security controls and response procedures
- Communicate with peer Security/Operations teams and management, with expected interactions with business users and vendors
- Assist with day-to-day security functions, respond to help tickets, requests for assistance with accessing the client's systems and software
Essential Skills / Experience
- 2 years minimum working in the Information Technology or Computing Field.
- Experience with any of the following technologies will be a distinct advantage:
  - Splunk Log & Event Platform (basic query and report building)
  - Network Access Control
  - Rapid7 Nexpose (Vulnerability Scanning)
  - Advanced Detection and Response Endpoint Agents
  - Network Packet Capture and Event Analysis
  - Threat Intelligence Platforms
  - Microsoft Patching and Device Management Platforms
- General understanding of security controls, and protective solutions such as firewalls, VPNs, antivirus, intrusion detection, data loss protection, etc.
- General understanding of common threats, sources and types of cyber attacks used commonly to disrupt or compromise computing systems.
- General understanding of networking and internet communications.
Bachelor's Degree in Information Technology, Engineering, or a related field.
Security+ or similar security certification a plus