Go to job search

IT Security Engineer

Achilles, Caldecott, Vale of White Horse

IT Security Engineer

Salary Not Specified

Achilles, Caldecott, Vale of White Horse

  • Full time
  • Permanent
  • Onsite working

Posted today, 25 Oct | Get your application in now to be one of the first to apply.

Closing date: Closing date not specified

job Ref: 76294da725674dbd88c33d6ccaf2aba7

Full Job Description

As an IT Security Engineer, you will be responsible for protecting systems, networks and data from cyber threats and ensuring compliance with security standards. Identification of vulnerabilities, responding to security incidents and conducting regular assessments of the Achilles security posture. Key Responsibilities RESULTS & RESPONSIBILITIES SECURITY OPERATIONS

  • Threat Monitoring: Monitor network traffic for suspicious activity, detect and respond to potential threats, and provide recommendations for mitigation.
  • Security Audits: Conduct internal audits of Achilles teams to ensure ISO 27001 requirements are met.
  • Firewall and VPN Management: Configure and manage firewalls, VPNs, and related network security devices to ensure optimal protection.
  • Collaboration: Work with other IT teams to ensure security is embedded in infrastructure designs and processes.
  • Patch Management: Ensure timely updates and patches to network devices to mitigate vulnerabilities.
  • Documentation: Maintain detailed documentation of network configurations, security incidents, and changes made to systems.
    • INFORMATION SECURITY
  • Compliance and Audits: Ensuring that the organisation complies with ISO 27001 requirements and other related standards. Preparing for internal and external audits.
  • Incident Management: Handling security incidents and breaches, ensuring proper reporting and analysis. Ensuring that corrective actions from security incidents are implemented and that lessons learned are incorporated into future improvements.
  • Vendor and Third-Party Management: Ensuring that third-party vendors and service providers comply with the organisation's security policies and ISO 27001 requirements.
  • Continuous Improvement: Monitoring the effectiveness of the ISMS and implementing improvements as needed.
  • Collaboration: Working closely with IT, legal, compliance, and other departments to ensure a unified approach to security. Collaborating on the integration of ISO 27001 requirements into broader IT or business processes.
    • PERSONAL DEVELOPMENT
  • Taking personal responsibility for skills development, particularly to enhance security capabilities.
  • Actively participating in the performance management process and taking responsibility for delivering agreed objectives.

    Qualifications IT Diploma level or equivalent experience.
  • ISO 27001 Lead Auditor desirable.
  • CISSP, CEH, CCNA Security, or other relevant security certifications are highly desirable.
    • Person Specification COMPETENCIES DECISION MAKING
  • Identifies and evaluates the range of options open to them
  • Articulates the assumptions made and the risks involved in decisions taken
  • Analyses information carefully to identify facts, patterns, trends and missing data that may impact on a decision
  • Communicates decisions clearly to those who are affected
    • ACHIEVING RESULTS
  • Focuses on performance outcomes despite uncertain or difficult circumstances
  • Actively links own efforts to those of others within the team to avoid overlap, rework or delays
  • Spots opportunities to deliver beyond expectations, where this would help others perform more effectively
  • Sets own targets and objectives with clear reference to how these contribute to the departmental business plan
    • MANAGING CHANGE
  • Responds constructively and quickly to shifting goalposts or changing requirements
  • Copes effectively with rapid change or increased demands
  • Reprioritises own work or the work of the team in response to external pressures
  • Is flexible in their approach; adapts their working style to suit the needs of the situation
    • DRIVE & MOTIVATION
  • Addresses multiple demands without losing focus or energy
  • Increases efforts in the face of difficulties or obstacles and recovers quickly after setbacks
  • Remains calm and focused during stressful or challenging situations; concentrates only on things they can control or influence
  • Encourages others during challenging times with their positive, can-do attitude
    • CREATIVE CAPACITY
  • Uses initiative to resolve recurring problems in own role or team
  • Takes calculated risks to improve own performance
  • Tries out new ways of working
  • Allocates time to identifying and resolving the root causes of problems
    • KNOWLEDGE
  • Understanding of ISO 27001 principles, threat modelling, vulnerability assessments, and risk treatment methodologies.
  • Deep understanding of network security principles (e.g., firewalls, VPNs, intrusion detection systems, SIEM), and network protocols.
  • Knowledge of encryption methods, access control mechanisms, and endpoint security tools.
    • o Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI DSS) and best practices.
  • Knowledge and experience with securing cloud environments (AWS, Azure, GCP).
  • Knowledge of network architectures., Minimum of 3-5 years of experience in IT Security, with a proven track record in a similar role.
  • Technical skills:
    • o Strong understanding of network protocols, including TCP/IP, DNS, routing, and switching. o Experience with network security tools (e.g., Wireshark, Snort, Nmap) and SIEM solutions. o Familiarity with cloud security (AWS, Azure, GCP) is a plus.
  • Soft skills:
    • o Strong problem-solving and analytical skills. o Excellent communication skills, both verbal and written. o Ability to work both independently and collaboratively in a fast-paced environment.
  • Preferred skills:
    • o Experience in conducting penetration testing and threat hunting. o Scripting experience (e.g., Python, PowerShell) for automation of security tasks.

  • We recognise that everyone is different, with different needs, this is why our benefits package supports individual financial, physical and mental wellbeing. Benefits will vary from country to country, however some benefits offered include:Generous employer pension; 6.5% employer contribution
  • Income Protection & Life Assurance
  • Option of Private Medical Insurance, Dental Insurance and Critical Illness cover
  • Subsidised Gym Membership through Gymflex
  • 25 days Holiday (plus Bank Holidays), Holiday Buy Scheme
  • Health cash plan, 24/7 remote GP access and Employee Assistance Programme which includes counselling & legal advice
  • Give as you earn and volunteer day off
  • Cycle to Work Scheme
  • Season Ticket Loan
  • Achilles Advantage Club (high street retail discounts)
  • Enhanced maternity, paternity and shared parental leave provisions
  • Flexible working environment
  • Health & Wellbeing initiatives