Senior Network Security Engineer

ITC Secure
Charing Cross, United Kingdom
7 days ago

Role details

Contract type
Temporary to permanent
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
£ 62K

Job location

Remote
Charing Cross, United Kingdom

Tech stack

Amazon Web Services (AWS)
Data analysis
Azure
Cloud Computing Security
Complex Networks
Computer Security
Information Management
Virtual Private Networks (VPN)
Network Security
Network administration
Security Information and Event Management
Software Vulnerability Management
Identity Services Engine
Load Balancing
Cyber Threat Analysis
Firewalls (Computer Science)
Forescout
SolarWinds (Software)
Fortinet
Cisco networks
Qualys
Vulnerability Analysis

Job description

Job purpose: As a member of a team of experienced Network and Security Engineers and Analysts within ITC's Security Operations Centre (SOC), you will monitor, manage and support highly secure, complex network environments for a portfolio of blue-chip and SME Customers. Also, you will provide security analysis of customer security events, monitoring and investigating incidents in customer environments with a focus on SIEM, vulnerability management, behavioural analytics and MDR for a portfolio of blue-chip and mid-market customers.

Key interfaces: Operation Centre Team Leaders, NOC Manager, SOC Manager, Service Delivery Managers, Network Security Engineers and SOC Analysts, Vendors, Customer Network and Security Teams, Project Engineers

The role will involve:

  • Network Security Services:
      • Creating/modifying device configurations across Cisco switching and routing products,
      • Creating/modifying firewall configurations and policies for Cisco FTD and a range of other vendors,
      • Management of Cisco ISE and ForeScout NAC solutions,
      • Management of incidents, changes and problems through to resolution,
      • Excellent troubleshooting skills, with prior experience working as an escalation engineer,
      • Management of network management platform (SolarWinds),
      • Working with service providers and vendors
  • Security Services:
      • Analysis and investigation of alerts arising from Security Event and Information Management tools.
      • Analysis, investigation and refinement of alerts and reports arising from Network Behaviour Analytics tools.
      • Vulnerability Scanning and reporting. Prioritising and tracking remediation of vulnerabilities.
      • Contributing to content on existing tools, implementing new rules, and refining existing rules to better discover network threats.
      • Using packet-capture tools, analyse packet flows and utilise network-based User Behaviour Analytics to understand breaches and track propagation of malware.
      • Using Threat Intelligence Services to identify potential new threats and develop new mitigations.
      • Working with customer security teams to detect, contain and eradicate threats.
  • Ensuring our services are optimised and providing best value to our customers.
  • Coaching, mentoring and guidance of junior engineers and analysts.
  • Actively contributing to our development of the ITC managed services with an innovative approach.

Requirements

  • A Degree, Certifications or equivalent work-related experience (desirable)
  • Cisco CCNP ENCOR (essential)
  • Cisco ENARSI (desirable)
  • Cisco CCNP SCOR (desirable)
  • Cisco SISE (desirable)
  • Palo Alto network certified professional (desirable)
  • Demonstrable competence and capability in a network security support role (essential)
  • Confident working knowledge of Cisco FTDs, Palo Altos, VPNs, Cisco routing and switching administration via GUI & CLI (essential)
  • Experience in two or more of the following areas, ideally at a support level (essential)
      • Firewall Management: Cisco FTD, Palo Alto, Fortinet
      • Load Balancing: F5, Riverbed Steelhead
      • MVIS: Cisco ISE, Forescout CounterACT, Qualys
      • Monitoring: SolarWinds
  • Has experience with at least one of the following (desirable)
      • SIEM Analytics
      • Behavioural Analytics
      • Vulnerability Intelligence
  • Is certified in and/or has a strong working knowledge of Cloud Security Technologies (Azure and AWS) (desirable).
  • Has a passion for Security & Networks.
  • Ability to cope successfully under pressure and with shifting priorities; able to meet demands for occasional out-of-hours working and on-call escalation.
  • Customer-facing with good report-writing skills and strong written and verbal (English) communication skills at all levels (essential)
  • Enjoys solving problems; is naturally inquisitive; contributes innovation and ideas for the continual improvement of services.
  • Will provide technical and service leadership to Engineers & Analysts.
  • Understands the phases of incident response and the Cyber Kill Chain (desirable).
  • Enjoys research into emerging threats in the security landscape and identifying and analysing real-world threats.
  • Has experience in coding and automation (desirable).
  • Might have a home lab to test things and learn new skills.
  • Enjoys attending Security events and Meet-Ups.

Benefits & conditions

Working hours: Normal working hours are 7.5 hours a day, Monday - Friday on a rotating pattern, between the hours of 7am-7pm and may extend to 6am - 10pm. Participation in an On-Call rota.

Working location: This role is fully remote.

Travel: Occasional travel may be required depending on project work undertaken.

Benefits:

  • 25 days annual leave.
  • Pension scheme.
  • Private health insurance.
  • Enhanced maternity and paternity leave.
  • Death-in-service life cover.
  • Shopping discounts.
  • Cycle to work scheme.
  • Season ticket/gym loans.
  • Online wellbeing centre.
  • Free tea and coffee.
  • And more!
