CAREERS

Are you looking for your next step-up in the security operations space?

CloudPay is currently seeking an enthusiastic, experienced security operations analyst/engineer to lead and improve our newly established virtual security operations centre.

As a completely new position, this is a great opportunity to make your mark on a rapidly growing global business!

“Reporting to the Head of Global Infrastructure, you will help to manage, maintain and improve the newly formed virtual SOC.

Working closely with the engineering, audit & compliance teams, as well as many other parts of the business, you will lead the charge on maintaining and improving the cyber/physical security stance, and resilience of the business.”

Package and Benefits:

• Competitive annual salary
• 24 days annual leave, plus bank holidays
• Flexible pension contribution
• Life assurance x4
• Private medical insurance
• Personal and professional development opportunities
• Friendly and flexible working environment

Attributes and Experience Required:

• Suitable degree, Industry recognised security certifications, or equivalent experience within the industry
• Practical experience with firewall IPS and IDS solutions (Checkpoint/Fortinet a bonus)
• Practical experience with monitoring, maintaining and improving SIEM solutions
• Experience with internal and external vulnerability scanning and management (Web Applications and Network)
• Basic understanding of Static and Dynamic code scanning analysis
• 3+ years experience with incident response processes
• 3+ years experience in a SOC or monitoring the security of a global business
• Comfortable with suggesting and introducing new, and improved ways to monitor the security stance of the business
• Professional and Personable, with the ability to work with professionals and executives from across the business, as well as Vendors, and occasionally Customers
• Team Player

Desirable:

• An understanding of Audit processes (SOC, ISO)
• Experience of working within a DevSecOps environment
• Penetration testing/Red Team exercise experience
• An understanding of physical security, as well as cyber/digital
• Experience with some of; Crypto, JIRA, Confluence, CloudWatch, Dome9, Sophos, Nessus, ClamAV, Veracode SAST/DAST, Solarwinds, Wazuh or similar applications
• Experience in Managing teams

Daily Duties and Main Responsibilities will include:

• Dealing with monitoring, alerting and issues in an appropriate and timely manner
• Setting up, maintaining and improving the new SIEM solution
• Owning the Vulnerability Management process, and ensuring that identified vulnerabilities are dealt with appropriately and in a timely manner
• Working with, and creating issues raised by, the existing MDR (Managed Detection and Response) vendor
• Monitoring of the Cloud and On-Prem estate compliance and security, using industry recognised monitoring tools, including raising tickets as and when required
• Defining and documenting new processes and ensuring the required actions are taken by the relevant team, for dealing with all of the above
• Understanding the compliance and audit requirements of the business, and helping to ensure they are met continuously as far as security and alerting, policies and processes are concerned
• Support the Head of Infrastructure, Corporate IT Manager and Compliance team with; Reporting violations, Internal investigations and Creating Reports
• Flying the flag for continuous improvement of tools and processes
• Potential to manage a small, globally diverse team of engineers