Infrastructure Security Engineer

We are looking for a highly skilled and dynamic Security Engineer to join our IT Security team. My client works across multiple sectors to include Fintech, Health & Energy. The ideal candidate will have a strong background in networking, cloud security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments.

This role also involves working with SIEM solutions, automating security workflows, and contributing to the company's compliance with Cyber Essentials Plus and ISO 27001 standards.

1. Design, implement, and manage network security architectures, including firewalls, VPNs, and other perimeter security technologies.
2. Configure, deploy, and manage Cisco Meraki solutions for network security and monitoring.
3. Implement and manage security controls in cloud environments, with expertise in Microsoft Azure security best practices.
4. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management.
5. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment.
6. Utilize Security Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM) to monitor, detect, and respond to security incidents.
7. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times.
8. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats.
9. Assist with Cyber Essentials Plus and ISO 27001 audits and certifications to ensure company-wide compliance with industry best practices and regulations.
10. Collaborate with development teams to integrate security throughout the software development lifecycle (SDLC).
11. Conduct regular security assessments, including vulnerability scans and penetration testing, to identify and mitigate risks.
12. Stay up-to-date with the latest security trends, vulnerabilities, and emerging threats, and provide recommendations for improvements.

1. Networking Expertise:
   1. Strong understanding of network protocols, including TCP/IP, DNS, DHCP, and routing.
   2. Experience with firewalls, VPNs, IDS/IPS systems, and network traffic analysis.
2. Cloud Security:
   1. Deep experience securing cloud environments, especially Azure.
   2. Familiarity with cloud-native security tools, including Azure Security Center, and identity management solutions like Azure Active Directory.
3. Cisco Meraki:
   1. Hands-on experience configuring and managing Cisco Meraki firewalls, switches, and other networking/security appliances.
4. Palo Alto Networks/ Panorama:
   1. Expertise with Palo Alto Networks firewalls, including configuration, management, and troubleshooting of security policies and threat management.
5. Infrastructure as Code (IaC):
   1. Strong experience with Terraform for infrastructure automation, especially in security-related use cases (e.g., securing cloud infrastructure, managing security controls).
6. SIEM Solutions:
   1. First-hand experience working with SIEM solutions, particularly Microsoft Sentinel SIEM.
   2. Experience in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection.
   3. Familiarity with security event log analysis, alerts management, and incident response workflows.
7. Cybersecurity Frameworks & Compliance:
   1. Knowledge of Cyber Essentials Plus and ISO 27001 compliance requirements.
   2. Ability to help maintain and audit compliance for ongoing security certifications.
8. Threat Hunting & Incident Response:
   1. Demonstrated experience with proactive threat hunting and identifying vulnerabilities before they can be exploited.
   2. Strong skills in incident response and the development of runbooks and automated workflows to improve response efficiency.
9. Automation & Scripting:
   1. Proficient in scripting languages such as Python, PowerShell, or Bash to automate tasks and security operations.

1. Certifications:
   1. CISSP (Certified Information Systems Security Professional)
   2. CISM (Certified Information Security Manager)
   3. CISA (Certified Information Systems Auditor)
   4. Azure certifications (e.g., Microsoft Certified: Azure Security Engineer Associate)
2. Experience in securing hybrid and multi-cloud environments.

There is also a bonus on-top of the base salary which will be discussed on application.

This role is hybrid with 2 days a week on-site. Interview slots available now.

Apply now!