As a SecOps Engineer you will be responsible for maintaining and continually improving the
security of key digital platforms, used by millions of people every year.
You will work with agile product delivery teams on the secure design, configuration, deployment, testing and management of applications and systems in traditional data centre and cloud environments.
You will be responsible for:
*Automating common, repeatable tasks to improve the cyber security around some of our most important datasets and services.
*Ensuring that vulnerability management best practice is followed and that code is developed securely, avoiding common pitfalls.
*Supporting automated and manual security testing of our deployed infrastructure and applications, and manage the findings from these tests.
*Driving the development of new security capabilities to support delivery and ensure that the tools and approaches used are effective.
*Securing the digital environment to ensure effective root cause and trend analysis of security threats and issues.
*Investigating anomalous activity and support incident resolution with the service.
Essential Skills Required:
*Previous experience working on AWS Security on services (IAM, Cognito, KMS,
Federation Services). A strong overall AWS Knowledge is essential
*Extensive experience with automation using scripting languages, such as Perl,
Python, Ruby, and/or Bash as well as configuration of infrastructure with code
automation (e.g. Atlassian tools, Ansible, Puppet, or Chef).
*Experience with version control software and job execution tools, such as Git, GoCD,
Octopus, Jenkins, RunDeck, SaltStack.
*Experience with cloud platforms to include virtualization, containerisation and
orchestration technologies, such as AWS, Azure, Docker, Kubernetes
*Experience of secure coding and testing across a variety of tools (static,
and both automated and manual) and vulnerability management.
*Deep knowledge of networking, infrastructure and applications
*Experience with agile and continuous development methodologies, including the
practices, platforms and tools which support them
*Broad knowledge of security controls and how they can be applied in a traditional IT
environment and cloud based systems
*In depth understanding of the methods of technical attack and how these can be
detected in a digital environment
*Knowledge of the concepts of information security, and of current and emerging IT
security, data protection and information risk principles and technologies.
*Knowledge of security monitoring, prevention and control systems including but not
limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions.
Please apply should you meet the above criteria
Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer.
By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://www.badenochandclark.com/en-gb/candidate-privacy