Senior Network Security Engineer

Reports to: NOC Manager

Job purpose: As a member of a team of experienced Network and Security Engineers and Analysts within ITCs Security Operations Centre (SOC), you will monitor, manage and support highly secure, complex network environments for a portfolio of blue-chip and SME Customers. Also, you will provide security analysis of customer security events, monitoring and investigating incidents in customer environments with a focus on SIEM, vulnerability management, behavioural analytics and MDR for a portfolio of blue-chip and mid-market customers.

Key interfaces: Operation Centre Team Leaders, NOC Manager, SOC Manager, Service Delivery Managers, Network Security Engineers and SOC Analysts, Vendors, Customer Network and Security Teams, Project Engineers

The role will involve:

Network Security Services:

Creating/modifying device configurations across Cisco switching and routing products,

Creating/modifying firewall configurations and policies for Cisco FTD and a range of other vendors,

Management of Cisco ISE and ForeScout NAC solutions,

Management of incidents, changes and problems through to resolution,

Excellent troubleshooting skills, with prior experience working as an escalation engineer,

Management of network management platform (SolarWinds),

Working with service providers and vendors

Security Services:

Analysis and investigation of alerts arising from Security Event and Information Management tools.

Analysis, investigation and refinement of alerts and reports arising from Network Behaviour Analytics tools.

Vulnerability Scanning and reporting. Prioritising and tracking remediation of vulnerabilities.

Contributing to content on existing tools, implementing new rules, and refining existing rules to better discover network threats.

Using packet-capture tools, analyse packet flows and utilise network-based User Behaviour Analytics to understand breaches and track propagation of malware.

Using Threat Intelligence Services to identify potential new threats and develop new mitigations.

Working with customer security teams to detect, contain and eradicate threats.

Ensuring our services are optimised and providing best value to our customers.

Coaching, mentoring and guidance of junior engineers and analysts.

Actively contributing to our development of the ITC managed services with an innovative approach.

We are looking for someone with:

A Degree, Certifications or equivalent work-related experience (desirable)

Cisco CCNP ENCOR (essential)

Cisco ENARSI (desirable)

Cisco CCNP SCOR (desirable)

Cisco SISE (desirable)

Palo Alto network certified professional (desirable)

Demonstrable competence and capability in a network security support role (essential)

Confident working knowledge of Cisco FTDs, Palo Altos, VPNs, Cisco routing and switching administration via GUI & CLI (essential)

Experience in two or more of the following areas, ideally at a support level (essential)

Firewall Management: Cisco FTD, Palo Alto, Fortinet

Load Balancing: F5, Riverbed Steelhead

MVIS: Cisco ISE, Forescout CounterACT, Qualys

Monitoring: SolarWinds

Has experience with at least one of the following (desirable)

SIEM Analytics

Behavioural Analytics

Vulnerability Intelligence

Is certified in and/or has a strong working knowledge of Cloud Security Technologies (Azure and AWS) (desirable).

Has a passion for Security & Networks.

Ability to cope successfully under pressure and with shifting priorities; able to meet demands for occasional out-of-hours working and on-call escalation.

Customer-facing with good report-writing skills and strong written and verbal (English) communication skills at all levels (essential)

Enjoys solving problems; is naturally inquisitive; contributes innovation and ideas for the continual improvement of services.

Will provide technical and service leadership to Engineers & Analysts.

Understands the phases of incident response and the Cyber Kill Chain (desirable).

Enjoys research into emerging threats in the security landscape and identifying and analysing real-world threats.

Has experiencing in coding and automation (desirable).

Might have a home lab to test things and learn new skills.

Enjoys attending Security events and Meet-Ups.

Working hours: Normal working hours are 7.5 hours a day, Monday – Friday
on a rotating pattern, between the hours of 7am-7pm and may extend to 6am – 10pm. Participation in an On-Call rota.

Working location: This role is full remote.

Travel: Occasional travel may be required depending on project work undertaken.           

Benefits:          

25 days annual leave.

Pension scheme.

Private health insurance.

Enhanced maternity and paternity leave.

Death-in-service life cover.

Shopping discounts.

Cycle to work scheme.

Season ticket/gym loans.

Online wellbeing centre.

Free tea and coffee.

And more!

This job description is intended to convey information essential to understanding the scope of the role and it is not intended to be an exhaustive list of skills, efforts, duties, responsibilities or working conditions associated with the position.