Lead Cyber Security Engineer

At Ofgem, we protect the interests of electricity and gas consumers, ensuring value for money, security of supply, and sustainability. As a Lead Cyber Security Engineer, you'll be a key player in our Security, Privacy, and Resilience function, safeguarding our people, data, operations, and facilities.

In this role, you'll be part of a small, dynamic team of Security Engineers and Analysts. You'll develop, deploy, and maintain enterprise security tools, identify system security requirements, and create technical solutions to mitigate vulnerabilities. Collaborating with our Azure and Office 365 Engineers, you'll design automated monitoring processes and ensure our security solutions meet business needs.

Your proactive approach will help resolve technical problems and maintain security standards. You'll work closely with internal and external stakeholders, including the National Cyber Security Centre and other government departments, to ensure comprehensive security coverage.

To excel, you'll need experience in Security Operations, hands-on expertise with security systems, and a strong understanding of Microsoft operating systems and cloud environments like M365 and Azure. Your knowledge of the latest security principles and protocols will be crucial.

Join us at Ofgem and be part of a team that's shaping the future of energy. Apply now and make a difference!

Key Responsibilities

The Lead Security Engineer will play a critical part in ensuing the security of Ofgem. You will be part of small team of Security Engineers and Analysts, providing advice and guidance, and ensuring the effective use of security tools, infrastructure and capabilities.

• Support the ongoing day-to-day activity of Security Operations and the wider Ofgem Security team.

• Develop, deploy and maintain enterprise security tools - including vulnerability scanning, endpoint protection, email security controls, and logging and monitoring solutions.

• Identify and define system security requirements and develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

• Work with our Azure and Office 365 Engineers in the design, development and enablement of automated monitoring processes.

Key Outputs and Deliverables

• Proactively resolve technical problems, ensuring that security solutions continue to meet business requirements taking accountability for actions taken and decisions made.

• You will investigate faults in systems, processes and services, and advise on the implementation of appropriate solutions and preventative measures.

• You will work collaboratively to ensure that a set of IT products, suppliers and vendors come together to deliver an IT service.

• You will update and maintain technical documentation relating to security solutions and controls.

• Input into regular security control dashboard reporting.

Essential Criteria

• Hands on experience configuring and managing security systems - firewalls, intrusion detection systems, endpoint protection software, identity management, log management, vulnerability management, etc. (Lead criteria)

• Experience in a Security Operations role.

• Subject matter expert in the management and security of Microsoft operating systems.

• Experience with secure configuration of SaaS services and cloud environments, particularly M365 and Azure.

• Thorough understanding of the latest security principles, techniques, and protocols.