Cyber Security Engineer

at  Openwork

THE OPPORTUNITY

As Cyber Security Engineer, you’ll be responsible for supporting the ongoing operation and improvement of Cyber and Information Security systems to ensure Openwork’s system are protected against threats to its IT systems.
You’ll need to understand IT infrastructure, how to deploy, and manage security tools and controls, evaluate threats that could potentially harm the organisation, and respond to security breaches.
This role would suit someone from a technical background who is proficient at deploying, optimising, and maintaining security tooling, implementing security controls and in investigating technical IT issues. Working with
internal teams and/or suppliers to resolve or mitigate risks identified.
Our systems are primarily built using the Microsoft stack with a desire to make increased use of cloud technology including but not limited to Azure, Dynamics 365, and Office 365.
The role sits within the Technology division’s Information Security Team. You will work closely with Cyber Security Analysts who are our first responder to cyber security incidents, although the role holder should be comfortable in security incident response.
To be successful in this role, you’ll need to foster strong peer relationships across the business to promote and encourage good security practice and support your colleagues across the business in delivering the required programme of security-related change.
This is a hybrid role with 2 days per week in our Swindon office.

EXPERIENCE:

• Established experience across a variety of cyber security disciplines.
• Excellent communication skills.
• Strong knowledge of information security principles and practices.
• Proven track record of deploying, managing and utilising security tools.
• Participation in audits, assurance reviews and risk assessments across complex environments.
• Experience working in financial services or a regulated environment would be advantageous.
• Exposure to the tools and techniques used for vulnerability scanning, penetration testing, firewalls, WAF, endpoint security, browsing and email controls.
• Investigating and troubleshooting technical issues from identification to resolution, working with internal teams and suppliers as necessary. Knowledge:
• Understanding of security best practices across multiple domains of information security, ideally in a Microsoft-dominated ecosystem.
• Familiarity with security technologies and tooling (e.g., Microsoft Defender 365, vulnerability management, threat intelligence and web proxy tooling). ·
• Knowledge of cybersecurity frameworks and standards (e.g., NIST, CIS, ISO27001, OWASP, Cyber Essentials).
• Ability to confidently convey security concepts to peers in technical teams.
• Ability to operate in a fast-paced environment with the skills to deal with complex issues.
• Demonstrable experience of producing security-related data and reports.
• Strong ‘can do’ attitude and a self-starter looking to progress in the field of information security.
• Highly organised to be able to lead product rollouts or upgrades in an efficient and low risk manner.
• Thorough and detailed orientation to be to be able to complete low level designs and implementation plans, based on vendor documentation and discussion

Please refer the Job description for details