Job Description

Location: Dummer, Basingstoke

Salary: 40,000 - 50,000

We're looking for a Security Engineer to come on board to join our team to lead the technical security function within Group IT Services, ensuring robust protection of systems, data and users. You will be managing the security ticket workload within the Security team and responding to and managing security incidents and alerts. In addition you will provide consultation and expertise on security matters.

Responsibilities:

Security Operations & Incident Management:


Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes.

Vulnerability & Endpoint Management:


Conducting penetration testing and tracking corrective actions. Resolving vulnerabilities in the infrastructure and EUC estate. Defining and managing the configuration of endpoint protection policies. Managing the configuration of Identity and Access Management services.



Accreditation & Compliance:


Writing and ratifying policies and ensuring compliance with the Information Security Management System (ISO27001). Ensuring compliance with CyberEssentials and CyberEssentials+ requirements and carrying out audits. Ensuring compliance with accreditation policies through auditing with external 3rd party auditors. Being consulted on project plans and designs in principle. Providing security expertise on Change Request Approvals (CAB). Being consulted on software deployment from a security perspective. Being consulted on endpoint protection matters for infrastructure and EUC. Being consulted on identity and access administration matters

Skills Required:

Strong technical knowledge of security tools, frameworks and best practices. Experience with penetration testing and vulnerability management processes. Understanding of endpoint protection technologies and policies. Knowledge of identity and access management principles. Familiarity with security accreditations such as ISO27001, CyberEssentials and CyberEssentials+. Excellent incident response and threat intelligence skills. Strong communication skills to convey security matters to technical and non-technical audiences.

Benefits:

25 Days Holiday Birthday Day Off Buy Holiday Scheme Career Development and Progression Opportunities Employee Assistance Programme Enhanced Company Sick Pay Discounted Retail Vouchers Reduced Gym Membership SCG Mobile Benefit Employee Referral Bonus Annual Salary Reviews Pension Scheme Onsite Canteen (offering free croissants and free freshly made soup daily) Free On-Site Parking Charity Events

SCG is proud to be an equal opportunities employer.


We welcome applications from all parts of the community and are committed to upholding the principles of the Equality Act 2010.


We are committed to supporting applicants with disabilities. We will endeavour to make necessary adjustments to ensure a fair and accessible recruitment process.