Sanderson Recruitment Plc
Bath, Somerset
D ev SecOps Engineer Bath - Fully Remote £60,000 - £70,000 + benefits Fantastic new permanent opportunity for an experienced Dev SecOps Engineer with fast growing specialist Fintech business. This is a great opportunity to join a new security focussed squad within their forward-thinking engineering team you will have a unique opportunity to shape what security means to the business. As a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. Leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products. Main responsibilities: Work within a newly formed Security squad to continuously improve security posture within their cloud estate. Consult, advocate, and teach security best practice across engineering. Utilise modern tooling to shift security left, collaborating closely with development teams to ensure security is addressed early in the development life cycle. Review security best practice, remediating and implementing controls to ensure compliance. Implementing security gates within the CI/CD workflows to ensure secure deployments. Write Infrastructure-as-code to build secure infrastructure repeatedly. Proactively patch infrastructure and code. Engage in debates around processes and methodologies, actively contributing fresh ideas and challenging the status quo. You'll embrace a culture of psychological safety, confidently voicing opinions to achieve quality standards. Leverage managed services (where appropriate) to enable the team to focus on delivering core business value. Skills Required: Proven previous experience gained working within a similar Dev SecOps engineering position. Strong experience securing cloud platforms, primarily AWS and Mongo Atlas. Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM). Knowledge of Embedded security (IDE plugins, SAST, DAST, SCA). Experience performing vulnerability scanning/penetration testing. Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM). Cloud account management (eg AWS Control Tower/GuardDuty/Config/Security Hub/CloudTrail). Identity management (eg SAML/OAuth/OIDC/AWS IAM). Secret management (eg AWS Secrets Manager, Parameter Store). Patch management (Security updates/AWS SSM/Dependabot). For any further queries regarding the role, please contact Danny Palmer at (see below)
D ev SecOps Engineer Bath - Fully Remote £60,000 - £70,000 + benefits Fantastic new permanent opportunity for an experienced Dev SecOps Engineer with fast growing specialist Fintech business. This is a great opportunity to join a new security focussed squad within their forward-thinking engineering team you will have a unique opportunity to shape what security means to the business. As a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. Leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products. Main responsibilities: Work within a newly formed Security squad to continuously improve security posture within their cloud estate. Consult, advocate, and teach security best practice across engineering. Utilise modern tooling to shift security left, collaborating closely with development teams to ensure security is addressed early in the development life cycle. Review security best practice, remediating and implementing controls to ensure compliance. Implementing security gates within the CI/CD workflows to ensure secure deployments. Write Infrastructure-as-code to build secure infrastructure repeatedly. Proactively patch infrastructure and code. Engage in debates around processes and methodologies, actively contributing fresh ideas and challenging the status quo. You'll embrace a culture of psychological safety, confidently voicing opinions to achieve quality standards. Leverage managed services (where appropriate) to enable the team to focus on delivering core business value. Skills Required: Proven previous experience gained working within a similar Dev SecOps engineering position. Strong experience securing cloud platforms, primarily AWS and Mongo Atlas. Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM). Knowledge of Embedded security (IDE plugins, SAST, DAST, SCA). Experience performing vulnerability scanning/penetration testing. Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM). Cloud account management (eg AWS Control Tower/GuardDuty/Config/Security Hub/CloudTrail). Identity management (eg SAML/OAuth/OIDC/AWS IAM). Secret management (eg AWS Secrets Manager, Parameter Store). Patch management (Security updates/AWS SSM/Dependabot). For any further queries regarding the role, please contact Danny Palmer at (see below)
LA International Computer Consultants Ltd
Hereford, Herefordshire
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
DV Cleared Onsite in Hereford Duration: 6 months initially Market Rates via Umbrella Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: * Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. * Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. * Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. * Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. * Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. * Implement data management standards, requirements, and specifications. * Develop data standards, policies, and procedures. * Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. * To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (eg, NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and signature development. * Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. * Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. * Knowledge of cyber defence and information security policies, procedures and regulations. * Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: * Previous experience of Enterprise ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS. Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). * Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications * Red Hat System Administration I & II (RH124/RH134). * Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton -Corsham -Portsmouth Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.