Senior Information Security Engineer with SOAR environment and Security operations background

Job title:

Senior Information Security Engineer with SOAR environment and Security operations background

Company

UST

Job description

Job Description:Role OverviewWe are seeking a talented and experienced Security Engineer with a strong focus on Python and security automation to join our Information Security team. The ideal candidate will be adept at developing and implementing automated security solutions to protect our systems and data. This role requires a proactive individual who can work independently and collaboratively to enhance our security posture. In addition, proficiency and experience using a SOAR for automation and security incident response is required.Location: LondonEmployment model: Regular/ Fixed term contract/ Contract inside IR35Working model: Hybrid working with 3 days work from office in central londonHiring: Immediate startKey Responsibilities

• Develop, implement, and maintain security automation scripts and tools using Python.
• Integrate security tools and solutions to automate security processes and workflows.
• Conduct security assessments and vulnerability analysis to identify and mitigate potential threats.
• Monitor security systems and respond to security incidents with automated solutions.
• Collaborate with cross-functional teams to design and implement security controls.
• Stay updated with the latest security trends, vulnerabilities, and technologies.
• Develop and manage APIs to facilitate communication between security tools and systems.
• Build new and edit existing automation to high standards of reliability, efficiency and error-handling.
• Implement and manage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response activities, including but not limited to Palo Alto Cortex XSOAR, Splunk Phantom, IBM Resilient, Cyware, Microsoft Logic Apps, and ThreatConnect.
• Utilise Microsoft Defender for Endpoint (MDE) for endpoint protection and threat detection.
• Create and manage queries using Kusto Query Language (KQL) to analyse security data.
• Write detailed technical documentation, including standard operating procedures (SOPs), technical write-ups, and user guides for security tools and processes.
• Implement and manage Continuous Integration/Continuous Deployment (CI/CD) pipeline automation to ensure secure code deployment.
• Utilise Infrastructure as Code (IaC) tools (e.g., Terraform, Ansible) to automate the provisioning and management of secure infrastructure.

Skills and Experience Required

• Minimum 3 years’ experience programming in Python, with experience in developing automation scripts and tools.
• Proven experience as a Security Engineer or in a similar role, with a focus on Python and security automation.
• Familiarity with operating system scripting languages such as PowerShell and Bash.
• Experience with security tools and technologies such as SIEM, IDS/IPS, firewalls, and vulnerability scanners.
• Knowledge of cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).
• Experience with API development and integration, including RESTful APIs.
• Proficiency in implementing and managing SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk Phantom, IBM Resilient, Cyware, Microsoft Logic Apps, ThreatConnect).
• Hands-on experience with Microsoft Defender for Endpoint (MDE) for endpoint security.
• Excellent problem-solving skills and attention to detail.
• Strong communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Proven experience in writing detailed technical documentation, including SOPs, technical write-ups, and user guides.

Desirable

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Proficiency in Kusto Query Language (KQL) for querying and analysing security data.
• Knowledge and experience with Infrastructure as Code (IaC) tools (e.g., Terraform, Ansible)
• Relevant certifications such as CISSP, CEH, OSCP, or GIAC.
• Experience with CI/CD pipeline automation and tools (e.g., Jenkins, GitLab CI/CD).
• Experience with DevSecOps practices and tools (e.g., Jenkins, GitLab CI/CD).
• Understanding of network protocols and security architecture.
• Understanding of how security testing, prevention and detection work together in an environment.

If you’re a self-driven, skilled information security engineer looking to take on new challenges in a collaborative environment, we would love to hear from you!Apply with your updated cv for an immediate discussion.#USTSkills:Python,Api,Security Automation,SOARAbout Company:UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Expected salary

Location

London

Job date

Sat, 18 Jan 2025 08:14:55 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (hiring-jobs.com) you saw this job posting.