Cyber Security Vulnerability and Threat Engineer - Cheshire West and Chester, United Kingdom - psd group


    Job Description

    Job Title: Cyber Security Vulnerability and Threat Engineer

    Location: Cheshire (Hybrid - 2 days per week on-site)

    Benefits: (Full list of benefits available on application)

    psd group are delighted to bring this newly created job opportunity to market, partnered with a truly industry-leading organisation as they embark on a journey to improve their current Cloud Infrastructure/Cyber Security.

    We are looking for an experienced Cyber Security Threat and Vulnerability Engineer to take ownership of identifying signs of compromise in cyber security services, IT systems, and related infrastructure. The role takes a hands-on approach to vulnerability management reduction across all IT Systems, and you will work with the SOC to assist in the coordination and management of cyber incident response activities.

    The ideal candidate will have come from a Cloud Infrastructure background, have moved into Cyber Security, and will hold a current/relevant cyber security certification such as CISSP, CCSP or equivalent.

    As this is a newly created role that the organisation has not had in place previously, we are looking for candidates who have strong experience and are happy to work independently to achieve all aspects of the role, working closely with a variety of end users and stakeholders from various parts of the business.

    Responsibilities:

    • Identify signs of compromise in cyber security services, IT systems, and related infrastructure that have been missed by the SOC and raise as security incidents.
    • Ensure the successful resolution and closure of cyber security incidents.
    • Monitor cyber security services, systems, and related infrastructure for signs of failure or error and raise as IT incidents.
    • Resolve IT incidents and complete service requests relating to all aspects of cyber security in accordance with defined processes and service level agreements (SLAs) and key performance indicators (KPIs).
    • Ensure options to improve systems and optimise log storage are provided to the Cyber Security team.
    • Working alongside the Cyber Security Team, take ownership and develop a hands-on approach to vulnerability and threat management reduction across all IT Systems.
    • Monitor changes in cyber security threats, and appropriately respond to changes in threat profile.
    • Identify any potential and actual vulnerabilities in applications, infrastructure, services, software, and systems.
    • Monitor and ensure compliance with defined Policies.
    • Plan, prioritise and implement remediation activities.
    • Provide monthly vulnerability and compliance reports to the Cyber Security Team.
    • Assist with the exception review of user access requests, use of new software or hardware facilities and report findings to the Cyber Security Team.
    • Support the IT team in the provision of service delivery, ensuring the team shares knowledge and works flexibly.
    • Assist in the resolution of incidents and complete service requests relating to all aspects of cyber security in accordance with defined processes and service level agreements (SLAs) and key performance indicators (KPIs).
    • Take ownership and a hands-on approach to vulnerability management reduction across all IT Systems.
    • Work with the SOC to assist in the coordination and management of cyber incident response activities.
    • Provide guidance and support to employees on a range of cyber security issues.
    • Ensure compliance with defined Policies.

    Essential Skills & Experience:

    • Experience with analysing event logs and recognizing cyber intrusions or attacks.
    • Experience using tools such as SIEM, IDS/IPS, antivirus and endpoint protection (e.g. Microsoft Sentinel and Microsoft Defender for Endpoint).
    • Understanding of relevant Cyber Security standards, legislation and regulations, including compliance standards.
    • Strong technical knowledge of Infrastructure and modern platforms (M365 & Azure in particular).
    • Strong knowledge of cyber security principles, technologies, and best practices.
    • Excellent written and oral communication skills, and the ability to tailor that communication to both technical and non-technical audiences.
    • Experience delivering excellent service to a wide range of stakeholders.

    Qualifications:

    CISSP

    CCSP or equivalent

    Any relevant Microsoft qualifications

    Please note that, due to the volume of applications received, we are unable to communicate feedback to all candidates. In the event you have not received a response within 14 days of your application, it is unlikely that your application will be progressed on this occasion. Please continue to review our website and LinkedIn for further opportunities.