Working for a leading insurance organisation on an initial 6-month contract. Can be based fully remote anywhere in the UK.
The role will be responsible for administering current security tools and ensuring accurate reporting from them. This will involve automating current output and ensuring reporting can be consumed in a usable manner.
The role will work with the operational teams to approve the security aspects of architectural designs on any new infrastructure and projects.
The role will understand network security/server security and be able to identify and elevate any issues found through analysis.
*Key point of escalation for technical issues across the team
*Provide security input and raise any discrepancies with architectural design
*Attend change management boards and design authority forums and be the voice of InfoSec
*Provide monthly health check reports of detection capabilities and remediate where necessary
*Work with the SOC and ops teams to ensure the PCI and non-PCI environments are collecting all necessary logs as required and remediate where necessary
*Carry out firewall reviews and other technical quarterly requirements to maintain PCI attestation
*Provide oversight of browser detection tools and configure blocking capabilities (DNS Umbrella)
*Provide reviews and administer password safes (Thycotic) to ensure the security is functional
*Using the Kill chain or MITRE ATT&CK framework to identify key issues that could lead to compromise
*Be responsible for the analysis of DDoS alerting and advising on tweaks to prevent further attacks.
*Technical Background in networks and/or line 3 support
*Fully understand Linux and Windows estates
*Proven knowledge of DNS umbrella or equivalent
*Proven knowledge of architectural design
*Fully understand security in the cloud and SaaS products
*Understand Python or equivalent scripting language
*Knowledge of red-teaming
*Network qualifications - CCNA, CCNP
*Security qualifications - CompTIA N+, S+, GSEC, GPEN, GCIH