Denholm are delighted to be working with our financial services client on a Security Operations Engineer role. This is a greenfield role as our client builds out their Security Operations function.
The Security Operations Engineer is an integral part of the Security Operations team, responsible for support and optimisation of the Security Operations platform. This role presents an exciting opportunity to get involved in innovative projects designing security controls and delivering emerging security technologies.
This is a senior role within the security operations team and will help to deliver improvements across a number of our cyber security domains, including Security Data & Analytics, Security Automation, Incident Response and Threat Detection.
The role reports directly to the Cyber Security Engineering Manager and is based in Edinburgh. The role holder will work closely with our Cyber Security Operation Centre and with other security functions as well as specialist 3rd party security suppliers and the global IT and business teams.
As a part of the Cyber Security Operations team, this role will support:
- Security Platform Optimisation, covering endpoint, network, cloud and logging technologies
- Security Orchestration Automation and Response, building security automation playbooks and integrations
- Security Data & Analytics, onboarding data and developing detection logic and analytics
- SOC Architecture, developing interface definitions and security guidelines
- Incident response, as part of the Cyber Security Incident Response Team for cyber incidents
Ideal candidate experience
- Proven experience in cyber security
- Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV
- Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience
- Experience working in a hybrid (on-prem/multi-cloud) environment. Azure or AWS certifications a plus
- Knowledge of one or more scripting languages with experience in developing automation playbooks, scripts that interact with APIs and parsers for data engines.
- Understanding of microservices architecture, Kubernetes, Containers, CI/CD pipelines and DevSecOps
- Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
If you would like more information on this role, please get in touch to discuss.