Cyber Security Engineer
Internship Nottinghamshire, United Kingdom
Job description
Cyber Security Engineer to assist with the planning and operations of M&S security solutions such as WAF, Cloud, Container and IPS/IDS and the integration of those platforms with other security solutions as required.
Performing hands-on security solutions deployment, configuration, policy fine-tuning and maintenance.
Key Responsibilities
· Plans, configures, tunes & maintains M&S security solutions such as WAF, Cloud, Container and IPS/IDS
· Collaborates with key stakeholders across M&S to develop security solutions & specific use cases to address specific business needs
· Works extensively with different stakeholders across M&S for tuning WAF/IPS/Container/Cloud security policies and creating custom signatures
· Develops advanced alerts/reports to meet the requirements of key stakeholders
· Develops automation for security tools management and workflow integration
· Creation and implementation of custom alerting dashboards in SIEM for investigations
· Aids in gathering metrics for measuring security value, gaps, performance and risks
· Provides ongoing support to existing monitoring capabilities and data collection systems
· Provides development support for the expansion and implementation of new systems
Key skills
· Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
· Extensive knowledge of Web Application Firewall configuration and management – ideally Akamai Kona
· Extensive knowledge of cloud technologies, especially security – ideally Azure
· Extensive knowledge of IPS/IDS technologies
· Good knowledge of containers and container security concepts and solutions
· Extensive knowledge of web technologies and concepts
· Strong understanding of TCP/IP, web protocols and networking concepts
· Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
· Experience in reviewing and analysing log files and data correlation
· Experience with managing Web/Application Servers
· Excellent understanding of PKI Technology
· Excellent knowledge of open source and commercial application security tools and frameworks
· Experience with web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
· Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
· Well versed in system exploits (e.g. buffer overflows, PTH attacks, Windows authentication framework, etc.)
· Excellent understanding of DDoS techniques and mitigation mechanisms
Cyber Defense and Incident Response:
· Solid understanding of Incident Response Process
· Desirable - Prior experience in Security Operations
· Excellent understanding of Cyber Security Operations, Incident Response processes
Educational, Certifications and Other:
· Excellent communication skills
· Excellent team player
· Security certifications and/or directly relatable experience