Principal Cyber Security Operations Engineer - NESO
Wokingham, GB, RG41 5BN
Applications have closed
National Grid
We are one of the world’s largest investor-owned energy companies, committed to delivering electricity and gas safely, reliably and efficiently to the customers and communities we serve.About the Role
We are seeking a highly skilled and experienced Principal Cyber Operations Engineer to join our team. The ideal candidate will possess a strong SIEM engineering and will also be comfortable in a mentorship role, providing advice and guidance to other members of the Engineering team. The Principal Cyber Operations Engineer will be responsible for working with other Cyber Operations Engineers to onboard data sources into a central SIEM, ensuring data quality, and addressing any data quality issues that may arise. The Principal Cyber Operations Engineer will also be responsible for maintaining and validating the configuration of various security tooling that serves the needs of the SOC and Cyber Operations team, such as EDR and other detection tooling.
This role requires a proactive and detail-oriented individual with a broad understanding of the data requirements and needs of a Security Operations function, and a proven track record of working in a previous Cyber Operations Engineering environment, or in a Security Operations role. We also value curious individuals with a passion for security, who are who are interested in working in an environment with bespoke systems and processes which not everyone gets to encounter.
This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.
About Us
At NESO, our mission is to meet the challenges of the future and deliver cleaner, affordable electricity. We constantly strive to do this better by using technology and innovation to transform the way we work.
About the National Energy System Operator (NESO)
In Autumn of 2024, the ESO transitioned to National Energy System Operator, or NESO for short. Previously denoted as the Future System Operator (or FSO), the new National Energy System Operator is the independent body responsible for planning Great Britain’s electricity and gas networks and operating the electricity system.
The ESO, including all of its existing roles, are now at the heart of the new National Energy System Operator. As NESO, we will build on our existing roles, capabilities, and ways of working significantly to create an organisation the energy system and its users’ need. Our new capabilities will enable us to look across vectors, including electricity, natural gas and hydrogen, and crucially consider the trade-offs between them.
The organisation is set up as a public corporation with its own Board of independent directors, with complete operational independence from government, the regulator and any and all commercial interest. As was the ESO, NESO will be licenced and regulated by Ofgem through price control agreements and obligated to identify optimal solutions to system operations and planning in the most sustainable, affordable and secure way for all.
The time to deliver is now. As part of our team, you won’t just be touching the lives of almost everyone in Great Britain – you’ll be shaping the way we use and consume energy for generations to come.
has context menu
Key Accountabilities
- Provide mentorship and guidance to other members of the Engineering team.
- Weigh in on tough technical decisions where competing interests or solutions require consideration.
- Identify and highlight potential avenues for increasing efficiency of delivery and process within the Engineering team.
- Provide technical guidance and support to other team members as needed.
- Suggest and recommend updates to operational procedures and flows to optimise the onboarding of data sources and ensure the widest security visibility across NESO.
- Collaborate with stakeholders to onboard data sources into the SIEM platform.
- Configure and optimize data collection and parsing mechanisms to ensure accurate and efficient data ingestion.
- Investigate and resolve data quality issues, working closely with stakeholders to implement necessary corrective actions.
- Develop and maintain documentation related to data source onboarding processes and procedures.
- Help maintain and validate the configuration of various security tools to serve the needs of the SOC and Threat Detection teams, such as EDR and other detection tooling.
About You
- A proven ability to lead on technical implementation and decision making within an Engineering or Security context.
- Passionate about security, and building secure infrastructure and secure foundations.
- Proven experience working with SIEM platforms and related tooling.
- Strong understanding of SIEM (Security Information and Event Management) concepts and best practices.
- Familiarity with SIEM data onboarding processes and techniques.
- Awareness and familiarity of treating cyber operations engineering using a Software Development Lifecycle mindset (Using tooling such as Git forges, CI/CD pipelines, Infrastructure as Code, Detection as Code, etc)
- Knowledge of various data source formats and protocols (e.g., syslog, JSON, REST API).
- Experience in troubleshooting and resolving data quality issues.
- Experience working with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc.
- Familiarity with security incident response and investigation processes.
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration abilities.
- Relevant certifications (e.g. GIAC) are a plus.
- Curiosity – We often deal with bespoke or less common data sources at National Grid ESO, and a willingness and enthusiasm to take on the challenge of making sense of these data sources is a must.
- Experience integrating applications, platforms, and tooling into security monitoring infrastructure, ensuring the right level of visibility for Security Operations Teams.
- In-depth knowledge and experience in security engineering, operations, analysis, and response
- Experience in scripting or programming (Python, Bash, PowerShell, Etc)
- Strong analytical and problem-solving skills and ability to handle complex and dynamic situations
- Awareness of current and emerging cyber threats, trends, and best practices
What You'll Get
A competitive salary between £64,000 – 69,000 – dependent on experience and capability.
As well as your base salary, there is a bonus scheme, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.
You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.
More Information
This role closes on 02/10/2024 at 23:59, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.
We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.
We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
On 1 October 2024, we're becoming the National Energy System Operator (NESO).
NESO’s new careers site goes live on Monday 7 October. In the meantime, you’ll still see National Grid branding. The job application process remains the same. If you have any questions, please contact: box.TalentAcquisition@nationalgrideso.com
#LI-BO1
#LI-HYBRID
Tags: APIs Bash CI/CD EDR GIAC Incident response JSON Malware Monitoring PowerShell Python REST API Scripting SDLC SIEM SOC Threat detection Vulnerability management
Perks/benefits: Competitive pay Flex hours Home office stipend Salary bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.