Security Operations Engineer

About the role:

As we scale our security function to support our two payment brands and future acquisitions we need to ensure security operations are set up to scale.

We are looking for a person with expertise in incident response and vulnerability management who is interested in automation to help scale security operations and take the capability to the next level. We have a close knit highly competent team who you’ll be joining working alongside them to run phishing campaigns manage security incidents through our SIEM and contribute to purple team exercises alongside our internal red team capability.

What you will own:

Reporting to the Security Operations Lead you will:

Perform Incident response:

• Respond to security incidents in a timely and effective manner.

• Investigate security incidents to identify root causes and prevent future incidents.

• Communicate with stakeholders throughout the incident response process.

• Create run books for common scenarios to improve consistency and prepare for automation

• Champion SecOps Automation:

  • Review tooling and processes and automate wherever possible leaning on the ability of the SIEM to integrate to 3rd party APIs and follow workflow to enrich data as well as automatically close some incidents.

• Manage threat and vulnerability management:

  • Keep abreast of emerging threats & vulnerabilities

  • Own the vulnerability reporting services and manage vulnerability team remediation metrics building relationships and influencing remediation outcomes through robust processes including reporting and risk management.

• Improve stakeholder collaboration & influence:

  • Partner with engineering operations and business teams to foster a security-first culture.

  • Improve security education and awareness campaigns by leading multi disciplinary and multi media messaging campaigns.

• Strive for continuous improvement:

  • Stay updated with the latest developments in security operations and incident response.

Qualifications:

• Technical skills:

  • Good understanding of computer networking authentication DNS operating systems & cloud computing.

  • Experience responding to incidents including EuC public cloud server infrastructure and containerised environments.

  • Knowledge of modern incident response in a public cloud environment and an organisation that has an engineering capability.

  • Experience of scripting and automation.

  • Familiarity with Infrastructure as Code tools (e.g. Terraform CloudFormation).

• Soft skills:

  • Calm under pressure

  • Strong problem-solving and analytical skills.

  • Outcome focussed and keen to move the needle.

  • Experience working in an industry with a high value public facing service.

  • Excellent communication and interpersonal skills.

  • Ability to work independently and as part of a team.

  • Ability to work under pressure and meet deadlines.