Infrastructure Security Engineer

Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35.

London based Insurance company are recruiting for security engineers to join the team foe an initial 12 month contract OUTSIDE IR35.

• Taking responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme.
• Identify areas of cyber security improvement to ensure cyber security and data security by design controls are adopted globally as outlines in the Howden Security and Configuration Standards Document (HSCSD)
• Support Data Loss Prevention (DLP) solutions that protect corporate data seamlessly across platforms, devices and environments globally.
• Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally.
• You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks for off the network countries.
• Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure.
• Firewall management
• Web Proxy management and CASB.
• Anti-Virus/Malware management
• Standard, third party and privilege access user management
• Remediation of external, internal vulnerabilities, web application scanning and patch compliance.
• Representing IT security at the Change Authority Board, Architecture Review Board and Data Privacy Working Group.
• Managing the security, RFC, ERFC and DDQ's queue in ServiceNow (dealing with suspicious emails, phishing, proxy and access request etc.)
• Monitoring and managing responses to the Cyber incidents, Security DL (which is mainly the above suspicious emails).
• Organise monthly Security Operations Meeting, Application and Information Security Forum
• All activities and findings must be recorded and stored as this will be used as evidence during COBIT 5, PCI DSS and Security review, internal and external audits.

Required Skills

• Good knowledge of Information Security Management System (Infrastructure Security Operations).
• Good knowledge of Azure cloud infrastructure and configuration.
• Good knowledge in System Centre Configuration Manager, Operations Manager and Virtual Machine Manager.
• Good knowledge of Microsoft Exchange online
• Good knowledge of Azure and on-premises Active Directory
• Good knowledge of Cyber Incident Management and or Security Forensic experience.
• Good knowledge of Windows Server and Linux
• Good knowledge in network (WAN, Wi-Fi) and Network Access Control (NAC) management
• Good knowledge in cloud email security gateway services
• Good knowledge server hardware including and CIS controls.
• Good knowledge of security monitoring, orchestrator and SEIM tools
• Good Knowledge of next-gen application firewalls, anti-malware, cloud proxies and CASB

Required Experience

• Experience in Azure cloud and identity management solutions.
• Specific focus on network equipment.
• Palo Alto Firewall, Imperva WAF and NAC experience
• Netskope proxy and CASB experience
• Microsoft Defender and Crowdstrike experience
• Azure Entra ID and DUO SSO & MFA gateway
• Data loss prevention tools experience
• Azure security centre and Wiz io experience
• Cymulate and Ping Castel experience
• SCCM or enterprise patch management tools

• TenableOne or enterprise vulnerability management tools
• Sound knowledge of industry best practices such as OWASP, Cyber security framework and NCSC guidance

Security legislation and regulatory frameworks exposure and awareness

• FCA or equivalent
• GDPR - General Data Protection Regulation
• PCI DSS - Payment Card Industry Data Security Standard
• COBIT 5 - Control Objectives for Information and related Technology
• ISO 27001 - Information Security Management System (ISMS)
• CIS - Center of Internet Security (Cyber security best Practices)

Infrastructure Security Engineer - 12 Month Contract - 450/day Outside IR35.