Cyber Security Engineer

Location: Hybrid – (Once a Week to Newbury)

Contract: 6 Months

Rate: £550-600 per day through umbrella

Hours: Monday to Friday

Job Overview

In this role you will carry out the Secure by Design assessments and provide guidance to projects and BAU activities across the following UK business functions: Consumer & Business: Your focus will be to ensure we deliver secure products and services to our customers across Consumer & Business markets, as defined by Client UK’s Consumer & Business functions. Internal: Your focus will be to ensure we deliver secure solutions to support client UK’s internal business functions. These internal business functions include Technology, Finance, HR, Corporate & External Affairs and Business Intelligence. You will be part of the Secure by Design Networks Pillar and functionally report into the Networks Pillar lead and engage with the business functions to understand their future roadmaps and will ensure that appropriate Cyber Security engagement takes place to support these roadmaps. You will also be responsible for providing technical leadership and task direction to other Secure by Design Specialists as well as Cyber Security Champions across Technology and other business functions.

Key responsibilities

• Network technologies encompassing:
• Fibre and SDH transport networks; IP and MPLS networks; Broadband delivery.
• Converged Business services (e.g., VoIP services), SDWAN, SDN.
• Mobile Access and Core networks (4G & 5G), Open RAN, Voice over Wi-Fi/VoLTE;
• Network Management and other OSS Systems.
• Corporate Network technologies.

Experience Needed

• Application security / web-application security
• Mobile applications and their implications for security
• Operating system and database security (e.g., SQL vulnerabilities and encryption techniques)
• Cloud and virtualisation security (IT and Networks)
• Network security (e.g., VPN/VRF, MPLS, routing protocols, layer 2 and layer 3 security) and network protocols (e.g., TCP/IP, HTTP, TLS, SSH, DNS)
• Mobile Networks (3G/4G/5G) and/or large scale MPLS networks, and their particular security considerations
• Security considerations for Operational Support Systems, IP Telephony, SS7, IMS networks, SMS, MMS, Voicemail, Content Delivery Networks, SDH, DSL and Microwave
• Security control deployment / operation (e.g., Firewalls, Proxies, Network Access Control, IPS/IDS, Web Application Firewalls, Privileged User Access Management, Identity & Access Management, Data Loss Prevention, Security Information and Event Management, Vulnerability Management).
• Desired
• Technical security certification such as SCCP / CISSP, or other relevant industry/vendor security accreditations
• Some knowledge of risk management frameworks, threat modelling and security awareness initiatives
• Basic understanding of security standards such as ISO27001, CAS(T) and PCI-DSS
• 4 years practical experience in a telecommunications service provider (or similar technical environment).