Cyber Security Engineer

Summary

Join NEC Software Solutions' InfoSec Detection Team as a Cyber Security Engineer based in the UK. Reporting to the Detection Team Lead, you will contribute to the company's security posture by providing security guidance, threat hunting, incident response, and enforcing best practices. Collaborate with various teams to investigate security events, remediate risks, and develop security capabilities. Maintain the NCSC's Cyber Security Essentials Plus accreditation and contribute to the development of the Privileged Access Management (PAM) platform. This role offers potential for career progression within NEC's growing security team. Pre-employment checks, including Baseline Personnel Security Standard (BPSS) and Security Clearance, are required.

Requirements

• Demonstrable Experience in an IT role, with a strong understanding of security concepts/fundamentals
• Excellent understanding of Windows Client / Server and Hypervisor technologies (ESXI, Hyper-V, Virtual Box etc)
• Practical operation of SIEM / XDR solutions
• Strong understanding of the attack chain, advanced persistent threats and the evolving threat landscape
• Basic networking fundamentals (i.e. DNS, DHCP, routing and firewall rules)
• Basic Unix / Linux knowledge
• Public cloud awareness and ideally practical knowledge of maintaining a secure public cloud
• Must possess or be eligible to obtain security clearance to MOD SC and Non-Police Personnel Vetting Level 3 (NPPV)

Responsibilities

• Collaborate with Detection Team, Response Team and Architects to identify, assess, and conduct in-depth investigations on areas of interest highlighted through our various reporting mechanisms such as XDR, SIEM, Proxy solutions, Email Threat platform, Application Delivery Controllers (ADCs), Vulnerability Scanning Solutions and Security Bulletins
• Monitor and investigate security events and alerts, prioritising risk and taking necessary actions to promptly remediate operational security risks
• Support investigations and incident response scenarios as directed by the Team Lead
• Learn and contribute to the maintenance and development of our Privileged Access Management (PAM) platform: requires some knowledge of XML, Python and RegEx
• Work closely with Security Architects to deliver new security capabilities and ensure ongoing security enforcement and compliance
• Familiarise yourself with ITIL processes, including change, problem, and incident management
• Maintain the NCSC's Cyber Security Essentials Plus accreditation

Preferred Qualifications

• Basic Static / Dynamic Malware Analysis skills (using tools such as: Sysinternals, PEStudio, CyberChef, API Monitor, NodeJS, Powershell IDE, UPX, Wireshark and BurpSuite)
• Trend Micro suite of applications
• Nessus / Vulnerability scanning software
• Managing a PAM solution
• Understanding of ITIL framework, CE+ and UK government cyber security guidance is desirable
• Previous experience in a Security Operations Centre (SOC) or as part of a Security Team

Benefits

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost)
• 25 days paid holiday with the option to buy/sell
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A selection of flexible benefits to suit your individual needs