Provide 4th line support on complex technical issues, root cause analysis of investigations and security tooling used by the Security Operations team. Participate in security incident investigations and exercises, and provide feedback on improvements and tooling gaps.
Identity and Access Management:
Provide guidance and requirements for implementing zero-trust principles. Examine tooling output and configuration to ensure relevant controls are implemented effectively to reduce risk to identities, infrastructure/environments and data.
Cloud Security Management:
Representing the Information Security function on the Cloud Security Working Group, ensuring best practices and regular reviews are performed as part of architecting, implementing and managing security solutions in Microsoft Azure and AWS cloud environments. Integrate and configure cloud-native security tools so that relevant alerts and appropriate monitoring are fed back into Security Operations tooling such as Microsoft Sentinel.
Vulnerability Management:
Implement, configure and manage tooling used to perform regular vulnerability assessments and penetration tests on cloud infrastructure, networks, and applications. Provide relevant feedback to developers and systems engineers on remediating findings. Work alongside external penetration testing partners on enabling infrastructure and application scanning, producing remediation plans, and managing their resolution. Review and provide guidance on patch management and remediation processes across cloud-based systems. Collaborate with development teams to embed security in CI/CD pipelines. Investigate zero-day vulnerability applicability, and remediation or workaround approaches to lessen risk to infrastructure, applications and/or data. Regularly review and provide feedback to relevant teams on best practice hardening standards required for endpoints, applications and services.
Security Automation and DevSecOps:
Assist the wider SecOps team in automating, simplifying, and enhancing security tasks using tools such as AWS Lambda, Python, Power Automate, PowerBI.
Information Security Compliance:
Collaborate with Information Security Compliance, Risk and Audit teams on reviewing control gaps with standards such as ISO27001, ISO22301 and SOC2. Assist with gathering relevant information required as part of the Request for Information (RFI) sales bid support process.
The responsibilities detailed above are not exhaustive and you may be requested to take on additional responsibilities deemed as reasonable by your direct line manager.
SKILLS AND QUALIFICATIONS
Bachelor's degree in Computer Science, Information Security, or related field (Master’s preferred).
Proven experience in a Cybersecurity or IT Infrastructure role with a substantial security element.
Strong knowledge of Azure Security Services, AWS Security Services, and cloud-native security tools, such as Microsoft Sentinel, AWS Security Hub, GuardDuty.
Experience of Vulnerability Management scanning tooling such as BurpSuite Enterprise or Rapid7 InsightVM/InsightAppSec.
Experience in scoping penetration tests.
Design, configuration and implementation experience of:
Vulnerability Management tooling for SAST, DAST and IAST purposes.
SIEM solutions and integrations relevant to Microsoft Sentinel.
AWS native security tooling and services.
Desired:
Pipeline scanning tooling such as Dastardly, Snyk, Wiz.
Microsoft E5 tooling such as DLP, Defenders for Endpoint, Cloud, CloudApp and Identity.
Experience in network security, firewall management, and secure cloud architecture.
In-depth experience with IAM, encryption technologies, and data protection in cloud ecosystems.
Familiarity with industry regulations and compliance frameworks (e.g., PCI DSS, GDPR, SOC 2).
Hands-on experience with automation tools, CI/CD pipelines, and security integration in DevOps.
Proficiency in scripting languages such as Python and PowerShell.
Certifications such as CCSP, AWS Certified Security Specialty, Azure Security Engineer, CompTIA Security+ or equivalent.
Familiarity with financial services security regulations and standards (i.e., FCA).
Experience with Zero Trust architectures.
Strong analytical, problem-solving, and communication skills.
Ability to work in a fast-paced, regulated environment with a high level of attention to detail.
BENEFITS
Competitive Salary.
Company Laptop supplied.
Bonus Scheme.
25 Days Annual Leave (plus bank holidays).
Hybrid working model.
Healthcare & Company Pension.
Cycle to work and Wellbeing Programme.
Global Company gatherings and events.
E-learning and excellent career progression opportunities.
Plus more that can be found on the benefits section on the Careers page, https://careers.creditsafe.com/gb.
Creditsafe is an equal opportunities employer that values diversity. Please contact Creditsafe if there is any support you need with your application.