Network Security Engineer

Please note this role will require candidates to gain DV Clearance.

An exciting opportunity for a passionate Network Security Engineer to join a unique, multi-national Information Management function. Ideal candidates should be committed to protecting critical systems and ensuring the integrity and security of the network infrastructure., Join a forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our clients' organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team.

When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions to protect against evolving threats. Collaborating with cross-functional teams, you will work on implementing changes securely, identifying vulnerabilities, managing security incidents and ensuring compliance with industry best practices.

The role will be involved in the optimisation of network security tools to remediate purple team highlighted areas identified for improvement. You will also have the opportunity to immerse your time into the standardisation of network tools.

This is a dynamic opportunity to contribute to security initiatives, solve complex challenges, and have a direct impact on the overall resilience of the IT environment.

• Solid understanding of networking principles (TCP/IP, DNS, routing, switching, VLANS and load balancing)
• Strong expertise in configuring, maintaining and troubleshooting firewalls e.g. Cisco, Checkpoint, Palo Alto.
• Demonstrable hands-on experience in next-gen firewalls and advancing security features like IPS/IDS, SSL decryption and deep packet inspection.
• Proven experience in managing secure proxy solutions (e.g. Bluecoat, F5) and the ability to implement policies for content filtering, SSL inspection and network traffic monitoring.
• In depth knowledge of security protocols such as IPSec, SSL / TLS, VPNs and two factor authentication.
• Understanding of network architectures and security zones (DMZ, internal networks).
• Proficient in monitoring technologies e.g. PRTG, Nagios., * Understanding of cyber security capabilities and their integrations to networks infrastructure.
• Existing knowledge of / aptitude to learn Darktrace Antigena and Respond, Splunk ES or Log Rhythm tools.
• Strong ability to interpret complex information via use of packet capture in order to identify malicious traffic in detail, revealing attacker behaviours like C2, exploitation, lateral movement, or data exfiltration.
• Proven ability to review SOC alerting in collaboration with SOC analysts to effectively triage and manage Tier 1 SOC alerts to the appropriate outcome.
• Experience with LDAP, and application traffic flow root cause analysis.
• Previous experience to identify root cause from (TBC for review - Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools).