Security Operations Engineer

Summary

Join 10x Banking's Security Operations team and contribute to the secure operation of its platform and internal assets. You will investigate and resolve security events, enhance security controls and monitoring, build automated detection and response capabilities, and act as a lead technical responder for security incidents. The role requires experience in incident response, securing public cloud environments, and using SIEM tools. You will collaborate with other security specialists and contribute to continuous improvement efforts. The company values continuous improvement and offers a supportive and inclusive work environment.

Requirements

• Sound understanding of Enterprise Security Principles and in particular Security Operations and Incident Response
• Previous experience conducting Incident Response in both Corporate and Data Centre Environments
• Working experience of securing public cloud environments such as AWS, Azure or GCP
• Prior working experience of SIEM tools (preferably Google SecOps, formerly Google Chronicle) with focus on writing custom searches, alerts and dashboards
• A proven ability to adapt to new and complex environments and a hunger to learn and develop
• Fantastic written and verbal communication skills to both technical and non-technical audiences

Responsibilities

• Support our Security Operations Centre with the investigation and resolution of Security events and detections, acting as a trusted and dependable Subject Matter Expert
• As part of the broader security team, you will be exposed to multiple different facets of security working with specialists in security engineering, application security, threat modelling, etc
• Identify ways to enhance our Security Controls and Monitoring Capabilities across our estate
• Build and operate automated detection and response capabilities
• Act as a Lead Technical Responder for Security Incidents, liaising with other parties to triage, investigate, respond and protect our business
• Identify and drive remediation of vulnerabilities and threats
• Support the day-to-day maintenance of Incident Response Documentation
• Participate in our generously-remunerated Security Incident Responder on-call rotation

Preferred Qualifications

• Experience across other security domains such as Security Architecture or Security Engineering
• Experience with one or more programming languages (Python, Bash etc)
• Prior experience in conducting Threat Hunting and/or managing Threat Intelligence
• Experience writing and maintaining SOAR playbooks to aid in automation
• Experience in using and overseeing Vulnerability Management Platforms
• Experience using CSPM tools, specifically InsightCloudSec
• Experience with microservice-based cloud-native architectures, relational databases, big data, streaming technologies and continuous integration pipelines
• Experience of working within an Agile Framework
• Prior experience of maturing Security Operations functions

Benefits

• We recognise that a better work/life balance can improve people’s motivation, performance and overall wellbeing
• The Covid-19 pandemic changed a lot of things about the way we work, including the enablement of colleagues working from various locations and delivering high performance through the effective use of remote working technology