Senior Security Ops Engineer

About our client:
Our client is a global investment advisory firm focusing on long-term value creation through investment strategies. They work with a diverse group of institutional partners and pride themselves on their collaborative, sustainable, inclusive culture and performance.

What you will be doing:

• Manage day-to-day operations, including support tickets, tasks, and procedures, within the operational security team.
  
• Participate in daily information security operations, including incident investigation, security tool monitoring and investigation, and escalation management from the managed SOC and threat feed monitoring.
  
• Provide security posture inputs to ensure the correct application of control requirements and technologies and support and escalation for operational security issues.
  
• Configure and operate security tools, including endpoint detection and response tools, secure web gateway tooling, and user entity and behavioral analytics.
  
• Collaborate with technical teams to implement technical security standards that apply industry best practices while considering risk appetite and needs.
  
• Provide technical security advice for projects and changes, including designing technical controls, reviewing business process controls, and contributing to secure software development lifecycle standards.
  
• Research emerging threats and vulnerabilities to aid incident identification and support the creation of new architecture, policies, standards, and technologies to address them.
  

What our client is looking for:

• Holds relevant Microsoft or SANS security certifications.
  
• Strong hands-on experience with security technologies, including monitoring, detection, prevention, and control systems.
  
• Skilled in secure software development lifecycles (DevSecOps) and data governance best practices.
  
• Strong involvement in securing CI/CD pipelines using DevSecOps principles.
  
• Proficient in Microsoft security tools (Azure, M365) and frameworks like OWASP Top 10, SANS Top 20, and MITRE ATT&CK.
  
• Working knowledge of ISO 27001:2022 and its practical business application.
  
• Well-versed in GDPR, cross-border regulations, and compliance demands in financial services.
  
• Committed to high ethical standards, regulatory alignment, and business integrity.
  
• Experienced in implementing and managing incident response plans.
  
• Comfortable in structured, service-oriented security environments.
  
• Works closely with technical teams to roll out and maintain effective security measures.
  
• Strong problem-solving and troubleshooting skills.
  
• Capable of both deep-dive analysis and high-level threat assessment.
  
• Continuously tracks and adapts to evolving threat actor tactics and mitigation strategies.
  

Job ID:

• J106980
  

For a more comprehensive list of opportunities that we have on offer, do visit our website - https://www.parvana.co.uk/careers