Security Engineer

A fantastic opportunity to join an amazing team here in Lincoln with an exciting salary.
The Security Engineer will be a key player in protecting the company's digital assets from both a practical and management practices perspective. This role involves setting up, fine-tuning, and gathering intelligence from a Security Information and Event Management (SIEM) system. They will also review logs from a variety of sources. The engineer will be responsible for reviewing infrastructure plans, adding recommendations, and procuring penetration tests from third-party services. They will ensure that all relevant actions following the tests are completed. They will work with all areas of the business to assist with data security and GDPR aspects including policy and process development. They will share in the DPO administration and liaise with the DPO supporting company to ensure the business continuously adheres to the GDPR requirements. They will also develop and deliver annual IT security training and ensure compliance with our Phishing Simulations.

Key Responsibilities:
Develop and manage the SIEM, ensuring it effectively captures and analyzes security data
Review infrastructure plans to identify potential security weaknesses and recommend enhancements
Coordinate with third-party vendors to conduct penetration tests and analyze the results for action
Take ownership of implementing actions to address security vulnerabilities
Review and improve coding practices to minimize security issues and system downtime
Assess cloud environment on an ongoing basis to ensure best practice and the latest security tools are in use
Implement policies to ensure least privilege access to files, reports, and documents
Stay abreast of the latest security news and trends to inform security strategies
Assist other departments in developing policies and procedures to comply with GDPR, working with the DPO outsourcing company
Serve as an internal incident responder, managing the reporting process for security incidents.

Skills and Qualifications

Proven experience with SIEM tools and incident response
Strong understanding of network infrastructure and security protocols
Knowledge of coding practices and the ability to implement security-focused policies
Experience with GDPR, data security and other compliance regulations
Excellent analytical and problem-solving skills
Experienced with Microsoft and Linux environments
Experienced with Active directory and Entra ID
Ability to communicate effectively with both technical and non-technical stakeholders
Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM), or equivalent desirable
Experience with Fortinet Suite of products preferred.

Education required:

Bachelor’s degree in computer science, Information Security, or a related field / equivalent experience
Cisco Certified Network Associate (CCNA) or other networking qualification desirable.

This role will be a hybrid role in line with business needs. If this sounds like a role for you please contact Sarah Kelly