Security Engineer

at  Creditsafe

SECURITY ENGINEER

Job Title: Security Engineer
Location: Cardiff,
Department: Security Operations Team
We are currently looking for a Security Engineer to join our team in the Cardiff office.
You will be expected to attend the office 50% of the working week, to align with our hybrid working policy.

JOB PROFILE

We are seeking an experienced Security Engineer to join our team. In this role, you will provide advanced support on complex technical issues, participate in security incident investigations, and contribute to the implementation of zero-trust principles. You’ll be instrumental in managing cloud security within Microsoft Azure and AWS environments, integrating cloud-native security tools like Microsoft Sentinel and AWS Security Hub.

SKILLS AND QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred)
• Proven Experience in Cybersecurity or IT Infrastructure role with substantial security element.
• Strong knowledge of Azure Security Services, AWS Security Services, and cloud-native security tools, such as Microsoft Sentinel, AWS Security Hub, GuardDuty
• Experience of Vulnerability Management scanning tooling such as BurpSuite Enterprise or Rapid7 InsightVM/InsightAppSec
• Experience in scoping Penetration tests
• Design, configuration and implementation experience of:
• Vulnerability Management tooling for SAST,DAST and IAST purposes
• SIEM solutions and integrations relevant to Microsoft Sentinel
• AWS native security tooling and services

Desired

• Pipeline scanning tooling such as Dastardly, Snyk, Wiz
• Microsoft E5 tooling such as DLP, Defenders for Endpoint, Cloud, CloudApp and Identity
• Experience in network security, firewall management, and secure cloud architecture.
• In-depth experience with IAM, encryption technologies, and data protection in cloud ecosystems.
• Familiarity with industry regulations and compliance frameworks (e.g., PCI DSS, GDPR, SOC 2).
• Hands-on experience with automation tools, CI/CD pipelines, and security integration in DevOps.
• Proficiency in scripting languages such as Python and PowerShell.
• Certifications such as CCSP, AWS Certified Security Specialty, Azure Security Engineer, CompTIA Security+ or equivalent.
• Familiarity with financial services security regulations and standards (i.e. FCA)
• Experience with Zero Trust architectures.
• Strong analytical, problem-solving, and communication skills.
• Ability to work in a fast-paced, regulated environment with a high level of attention to detail.

Key Responsibilities

Security Operations

• Provide 4th line support on complex technical issues, root cause analysis of investigations and security tooling used by Security Operations team
• Participate in security incident investigations, and exercises, and provide feedback on improvements and tooling gaps

Identity and Access Management

• Provide guidance and requirements for implementing zero-trust principles
• Examine tooling output and configuration to ensure relevant controls are implemented effectively to reduce risk to identities, infrastructure/environments and data

Cloud Security Management

• Representing the Information Security function on the Cloud Security Working Group, you will be ensuring that best practices and regular reviews are performed as part of architecting, implementing and managing security solutions in Microsoft Azure and AWS cloud environments. This will include integrating and configuring cloud-native security tools so that relevant alerts and appropriate monitoring are fed back into Security Operations tooling such as Microsoft Sentinel.

Vulnerability Management:

• Implement, configure and manage tooling used to perform regular vulnerability assessments and penetration tests on cloud infrastructure, networks, and applications. Providing relevant feedback to developers and systems engineers on remediating findings
• Work alongside external penetration testing partners on enabling infrastructure and application scanning, producing remediation plans, and managing their resolution
• Review and provide guidance on patch management and remediation processes across cloud-based systems.
• Collaborate with development teams to embed security in CI/CD pipelines.
• Investigate zero-day vulnerability applicability, and remediation or workaround approaches to lessen risk to infrastructure, applications and/or data
• Regularly review and feedback to relevant teams the best practice hardening standards required for endpoints, applications and services

Security Automation and DevSecOps

• Assist the wider SecOps team in automating, simplifying, and enhancing security tasks through using tools such as AWS Lambda, Python, Power Automate, PowerBI

Information Security Compliance

• Collaborate with Information Security Compliance, Risk and Audit teams on reviewing control gaps with standards such as ISO27001, ISO22301 and SOC2.
• Assist with gathering relevant information required as part of the Request for Information (RFI) sales bid support process

The responsibilities detailed above are not exhaustive and you may be requested to take on additional responsibilities deemed as reasonable by their direct line manager.