Cyber Security Engineer

Job Summary:

• To be responsible for the design, implementation, testing and administration of cloud security tools and system that provide both administrative and technical controls in support of organisational security policies and procedures.
• To help develop and deliver the cyber security strategy and framework for the business, ensuring best practises for all aspects of information security and governance.
• To work closely with leadership and staff to support the maintenance and evolution of a secure corporate environment and make recommendations for new security-related procedures and/or revisions.
• Reports to: IT Security Manager

Subordinate Titles: None

Site: All Sites

Primary Responsibilities:

• Work with and follow the guidance of the IT Security Manager
• To be responsible for the design, implementation, testing and administration of security tools and system
• To help develop and deliver the technical cyber security strategy and frameworks for the business
• Participate in company-wide security audits (internal and external)
• Ensure compliance with all technical security and regulatory requirements including but not limited to ISO27001, GDPR, Cyber Essentials Plus, NHS Digital
• Evaluate, implement, manage and maintain all cloud cyber security systems and protective measures against malware and misuse of systems or services
• Comply with the CliniSys codes of conduct and guidelines
• To be responsive to reasonable requests from your line manager
• To behave as a role model: for delivering results; for enthusiasm and enjoyment of your work; for teamwork; for coaching and mentoring of colleagues and team members and for professional standards of behaviour

Knowledge, Skills, Abilities:

• Experience with Microsoft 365 security configurations and best practices in tenant configuration; 365 Security Configurations (ATP, Defender and Security Center)
• Experience with endpoint management and Intune preferred
• Ability to perform tenant and data governance review and configuration
• A committed and highly motivated individual who is assertive and has sound judgement
• Ability to make sound decisions and analyse problems based off the information captured through risk assessments of the infrastructure and business
• Excellent analytical skills, with an ability to translate business needs into practical security posture
• Solid knowledge of different security frameworks as applied to current network, server infrastructure and storage technologies
• Adaptable / flexible to changing demands with an ability to implement and manage change.
• High degree of attention to detail as it pertains to security policies and security alerts.
• Excellent decision making / problem solving skills
• High levels of commitment and ability to act when necessary
• Proficiency with a wide range of security products

Education And Experience:

• 3 years of experience in information security industry
• 365 and Azure cloud services security certifications
• Experience with security information and event management platforms and other security tooling, specifically exposure to CrowdStrike
• Experience with vulnerability scanning solutions and secure configuration
• In-depth knowledge of architecture, engineering, and security operations
• Familiarity with ISO 27001, GDPR and other security frameworks