Security Engineer - Surrey / Hybrid

Job Description

We are looking for an ambitious Security Engineer to join an interesting client based near Camberley; the role is hybrid.

Responsibilities:

1. Provide support to the IT Manager in developing and managing our cybersecurity strategy, particularly in our Microsoft-centric environment.
2. Manage our security infrastructure, act as the primary liaison with our external SOC, and ensure compliance with external standards and regulations.

Security:

1. Develop, maintain, and execute a comprehensive Security Roadmap.
2. Liaise with our external SOC provider to mitigate all security alerts and incidents.
3. Collaborate with external providers to enhance security posture.
4. Manage and optimize Microsoft 365 and Intune environments to strengthen estate posture.
5. Implement recommendations from security audits and assessments.

Microsoft Operations & Licensing:

1. Devise and implement a strategy to maximize our E3 applications to support the Security Roadmap.
2. Stay updated on the latest Microsoft security features and best practices.

Project Management:

1. Manage, assess, and report on security project activities to meet defined deadlines.
2. Communicate effectively with stakeholders and users regarding project progress, security initiatives, and the security posture.

IT Team Development:

1. Provide training and mentorship to the wider IT team on security best practices and business-critical functions.
2. Proactively contribute to the continuous improvement of the IT team’s capabilities in supporting security objectives.

Minimum Requirements:

1. Minimum of 2 years relevant work experience.
2. Knowledge and practical experience in managing Meraki firewalls, VPNs, Microsoft Suite (including Defender, Intune), Mail Filtering, and other security products.
3. Proficient in network troubleshooting.
4. Understanding of the Microsoft ecosystem including licensing requirements, Access Management, User Risk Policies, Conditional Access Policies, App Registrations, and Intune.
5. Practical experience with vulnerability assessment and management using Microsoft Defender or other tools.
6. Experience in designing and managing mission-critical infrastructure.
7. Experience with implementing Zero Trust and Defense In Depth practices in various environments.
8. Familiarity with Linux and Windows environments.
9. Familiarity with Risk Assessments, Disaster Recovery, Business Continuity, and Incident Response.
10. Knowledge of ISO27001, Cyber Essentials (CE), and Cyber Essentials Plus (CE+).
11. Strong communication, organizational, problem-solving, and presentation skills.
12. Self-motivated, capable of working with minimal supervision over time with adequate support.
13. Ability to build trusting, collaborative relationships with peers while maintaining a strong sense of accountability and ownership.

Desirable:

1. Fault logging systems.
2. Familiarity with SQL Database management.
3. Experience with Security Information Event Management (SIEM) tools.
4. Awareness of CIS Benchmarks for Windows Endpoints and Servers.
5. Experience in 1st and 2nd line helpdesk support, including Systems support.

Mayflower is acting as an Employment Agency in relation to this vacancy.