Job Application

The Security Engineer (vulnerability management) is hands on technical role to improve the organisation's security posture. The role will work with the organisation's security teams to perform security assurance of the IT environment and take action to remediate vulnerabilities and findings.

Client Details

My client - an organisation in the Financial Services sector are looking for a Security Infrastructure Engineer with practical hands on experience of vulnerability management and remediating these vulnerabilities- join their site in London remotely on an initial 6-month contract!

Description

The successful candidate for the Security Infrastructure Engineer (vulnerability management) - Financial Services Sector 6-month contract role will fulfil the following responsibilities:

• Assess audit findings and vulnerability management findings and identify technical fixes
• Agree remediation plans and actions with the Technology Security Manager and London Information Security Office
• Make agreed changes to the IT environment to close identified findings
• Work with organisations partners to make changes to the IT environment
• Assist in investigating security alerts raised by our endpoint protection tools
• Assist in setting up vulnerability scans and performing security testing of the IT environment
• Any other tasks related to IT security at the discretion of the Technology Security Manager
• Plan and develop remediation actions for security vulnerabilities identified in security assessments.
• Collaborate with vendors and stakeholders to effectively mitigate security vulnerabilities related to organisations applications, on-prem and cloud infrastructure.
• Work closely with senior management on improving overall security posture of cloud and on-prem infrastructure.
• Configure internal vulnerability scans and performing security testing of the IT environment.
• Streamline automated patch management process for timely and effective security patch implementation.
• Manage enterprise-wide security infrastructure, including Firewalls, proxies, EDR, SIEM etc.
• Provide help and guidance to operations team in alert investigation and threat management.

Profile

To be considered for the Security Infrastructure Engineer (vulnerability management) contract role the candidate must present evidence of the following:

• Hands-on experience with implementing security audit findings
• Hands-on experience with remediating vulnerabilities through configuration changes on Servers, endpoints, networking equipment and applications
• Hands-on experience with remediating vulnerabilities through patching and upgrading software
• Experience with documenting processes
• Experience with configuring and reading reports of vulnerability scanning tools (preferred)
• Degree in Computer Science or relevant discipline (preferred)
• Experience of IT in financial services (preferred)
• ITIL V3 foundation qualified (preferred)

Essential Competencies/Skills

• Analytical thinking
• Planning and Organising
• Effective communication and documentation skills
• Problem solving

Technical Skills

• Microsoft 365 administration
• Microsoft Windows Server
• Microsoft SQL Server
• Microsoft Windows 10
• VMware
• Microsoft Azure
• Active Directory, DNS and Microsoft CA
• Networking - Firewalls, DDOS mitigation appliances (preferred)
• Microsoft System Center Configuration Manager (preferred)
• Microsoft Windows Update Services (preferred)
• Mobile device management software such as In-tune (preferred)
• Microsoft 365 Defender (preferred)
• Tenable or Qualys (preferred)

Key success factors

• The engineer consistently implements remediation plans agreed with the Technology Security Manager
• IT vulnerability management SLAs are met
• IT security KPIs remain in compliance to group standards
• Security terms of reference remain compliant
• IT security posture improves

Job Offer

• 6 month contract inside IR35 paying between £400-500 daily.
• Hybrid working- 2 days p/week on site in central London, 3 days remote from home.
• Opportunity to work extensively on vulnerability management helping the organisation remediating these.