Stanton House is recruiting for a Cloud Security Engineer to join an expanding Financial Services business that is heavily focused on automation and is going through a cloud transformation programme to AWS. This role will be mainly home based; their office locations are Surrey and Manchester.
They are looking for someone to collaborate with a third-party SOC to mature the current on-premise logging / alerting. The focus will initially be on on-premise infrastructure, moving into cloud capabilities further down the line.
- Creation of logging configurations to monitor privileged access, databases, and Linux / Windows servers
- Grow current cloud logging / alerting capability
- Hardening of Windows / Linux Assets
- Automation of Reporting
- Creation of Playbooks
- PoC of On-Premise / AWS SIEM (Azure Sentinel, Expel.IO, Sumo Logic etc)
- Methodical and analytical approach to solving problems
- A sound understanding of threats and threat vectors
- Understanding of Windows and Linux operating systems
- Knowledge of scripting (e.g. PowerShell)
- Knowledge of a programming language (Python)
- Strong knowledge of Security Information and Event Management (SIEM) tools
- Knowledge of information security protection/detection and authentication systems, such as Antivirus / EDRs
- Knowledge of standard network protocols (TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP)
Nice to have:
- Exposure to MITRE ATT&CK & Threat Hunting
- Familiarity with Data Leakage Prevention strategies, Internet Proxies / Mail Gateways / Secure Single Sign-On
- Familiarity with Metasploit or Kali tools
- Working knowledge of CyberArk
- Knowledge of AWS Logging
- Exposure to Expel.IO, Azure Sentinel or Sumo Logic
What’s in it for you:
We are committed to continual learning; the individual would be supported to grow in missing disciplines.
To be connected with a specialist Cyber Security Head-Hunter, please apply to this advert.
To apply for this job please visit www.cybersecurityjobsite.com.