About the role
Our team has been stretched during the pandemic due to a combination of new enterprise and FTSE-listed customers and increased activity right across the cyber security arena. In addition to ongoing hiring in Engineering, the SOC, R&D, Sales and other areas, we are now looking for experienced Cyber Security Professional Services Engineers to take ownership of the delivery lifecycle of large enterprise accounts.
Working with our cyber security operations centre, you will focus on the deployment and implementation of security monitoring and detection technologies across Redscan’s ThreatDetect client base. This includes deploying, managing, monitoring and securing these systems, as well as performing maintenance to ensure they remain in optimum health.
We are not accepting CVs from external resources and agencies.
Genuine Incident Notifications & Remediation Support
- Provide any support required to implement automation or tuning requests
- Ensure SOC team has all the required training to leverage the detection technologies appropriately
Working with Sales and Presales
- Collaboration with pre-sales to determine what technology to use for any given opportunity.
- Configuration and production of all required reports from detection technologies
- Platform health and performance reporting
- Work with the project team to handle technical aspects of onboarding
- Setting up clients on our platform, CyberOps
- Determining gaps between the information requested by presales and what is actually required
- Perform asset discovery with the client
- Learn about technologies that we don’t yet manage but that make up part of the service. Azure and AWS are good examples of this
- Implement appropriate data source collectors
- Confirming the data sources are being seen
- Tuning the data collection to be in line with our security knowledge and, if applicable, the security posture of the client (assuming they have some degree of sophistication)
- Documenting the onboarding process
- Manage the integration of additional data sources
- Capture, develop, test and implement custom rule requests
- Manage the process of integrating an additional site/environment
- Provide any support the SOC needs to fulfil log data requests
Scenario-based Testing & Threat Hunting
- Undertake any resulting work required on the detection technologies based on the report findings, e.g. additional log sources, custom rule creation
- Management of all faults related to the detection technologies
- Deployment and configuration of the VS technology
- Configuration of the required scans
- Providing SOC with any training required for the VS technology
- Provide support for custom data reporting requests
- Experience with security technologies including for example AlienVault (strong preference), Carbon Black, LogRhythm, Darktrace, Qualys and other leading equivalents.
- Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
- Understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
- Experience in LAN and WAN technologies, network design, network management etc.
- Strong understanding of TCP/IP, subnetting, routing, access control lists, firewalls, VPN, NAT and network traffic analysis.
- Strong organisational skills and an ability to attend to and prioritise projects.
- Ability to relay complex technical subject matter to non-technical decision makers.
- Demonstrable analytical and technical aptitude with focus on identifying and alleviating the root cause of issues to help solve problems.
- Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a high demand, customer-centric environment.
- Research/test new products
Qualifications and experience
- Preferred professional certifications include: CCNP, CISSP, SSCP, CEH, GIAC, Security+, OSCP, CRT.
- Degree in Information Systems or Computer Science (Bachelor’s degree preferred).
- Experience with information technology security.
- Excellent communication skills and experience working in a collaborative environment.
- Experience deploying and implementing security monitoring technologies.