Detection Team Engineer

Company Description

Come join us and make a difference in the world!

Discover more at www.necsws.com

NO AGENCIES PLEASE

Job Description

Please note - this role can be Hybrid or Remote, subject to location.

Detection Team Engineer (Cyber Security)

We are seeking to appoint an energetic Cyber Security Engineer, based out of the UK, to join our InfoSec Detection Team.  As a member of this team, you will report directly to the Detection Team Lead and provide valuable security guidance, threat hunting and incident response capabilities as well as enforce security best practices throughout NEC.

In this role, you will collaborate closely with the Detection Team, Response Team, and Architects within the group.  Your responsibilities will involve a diverse range of duties aimed at developing and maintaining NEC security posture, in line with government guidance and our accreditations. Drawing on your comprehensive understanding of the threat landscape, you will leverage your expertise to advise on, investigate and remediate complex security risks and issues across the business, with a strong focus on root cause analysis (RCA).

Key Responsibilities

• Collaborate with Detection Team, Response Team and Architects to identify, assess, and conduct in-depth investigations on areas of interest highlighted through our various reporting mechanisms such as XDR, SIEM, Proxy solutions, Email Threat platform, Application Delivery Controllers (ADCs), Vulnerability Scanning Solutions and Security Bulletins.
• Monitor and investigate security events and alerts, prioritising risk and taking necessary actions to promptly remediate operational security risks.
• Support investigations and incident response scenarios as directed by the Team Lead.
• Learn and contribute to the maintenance and development of our Privileged Access Management (PAM) platform:  requires some knowledge of XML, Python and RegEx.
• Work closely with Security Architects to deliver new security capabilities and ensure ongoing security enforcement and compliance.
• Familiarise yourself with ITIL processes, including change, problem, and incident management.
• Maintain the NCSC's Cyber Security Essentials Plus accreditation.

Desired Qualifications and Skills

• Extensive hands-on experience with a variety of technologies and appliances, particularly SIEM, WAFs, PAM, Windows, Linux, and hypervisor platforms.
• Public cloud awareness and ideally practical knowledge of maintaining a secure public cloud.
• Knowledge of UK government cyber security guidance is desirable.
• Proficiency in securing, auditing, and maintaining public and cloud implementations.
• Experience managing enterprise security products, including Anti-Virus, Data Loss Prevention tools, Endpoint Protection, and Identity Management.
• Strong understanding of the attack chain, advanced persistent threats and the evolving threat landscape.
• Ability to perform controlled malware analysis and scripting on Windows and Linux platforms is advantageous.
• Minimum of five years' experience in systems infrastructure, security operations, or senior IT support roles.
• Previous experience in a Security Operations Centre (SOC) or as part of a Security Team is desirable.
• A strong commitment to continuous learning, developing new skills, and sharing knowledge, including dedicating study time outside of working hours for career advancement.
• Excellent team working skills with clear and professional communication, coupled with a customer service-oriented approach.
• Self-motivated with the ability to work independently and deliver high-quality results.
• Must possess or be eligible to obtain security clearance to MOD SC and Non-Police Personnel Vetting Level 3 (NPPV).

Join our dynamic team and contribute to maintaining a robust and secure environment while advancing your cyber security career.

Potential opportunities from this role

The security team within NEC is continually growing and the successful candidate will have the potential to progress into other security roles in the future.

Pre-employment checks required

• Baseline Standard and Disclosure Scotland (BPSS).
• On employment the candidate must be able to achieve and maintain Security Clearance.

Other important information

Candidates must be able to demonstrate a pre-existing right to work and travel within the EU.  Documentary evidence will be requested at interview.  A Basic Disclosure will also be required.
Occasional travel to other NEC offices (other than a designated base) may also be required.

Qualifications

Demonstrable Expereince in an IT role, with a strong understanding of security concepts / fundamentals.

Essential:

• Excellent understanding of core systems, including all versions of Windows Client / Server and Hypervisor  technologies (ESXI, Hyper-V etc)
• Operation of SIEM / XDR solutions
• Managing enterprise Anti-Virus and Malware platforms
• Basic networking fundamentals (i.e. DNS, DHCP, routing and firewall rules)
• Basic Red Hat Linux (RHEL) / Oracle Linux knowledge

Desirable:

• Basic Static / Dynamic Malware Analysis skills (using tools such as: Sysinternals, PEStudio, CyberChef, API Monitor, NodeJS, Powershell IDE, UPX, Wireshark and BurpSuite)
• LogRhythm / Splunk (SIEM platforms in general)
• Trend Micro suite of applications
• Nessus / Vulnerability scanning software
• Managing a PAM solution
• Pulse Secure Traffic Manager (Brocade)
• Web Application Firewall technologies
• Understanding of ITIL framework
• Understanding of CE+

Personal Skills & Competences

Essential:

• Someone who enjoys taking on new challenges and has the desire to learn new skills and technologies
• Great communication skills
• Analytical / Strong problem-solving skills
• Works well within a team, with the ability to work independently when required

Desirable:

• The ability to learn new skills quickly
• Evidence end-to-end findings from an investigation timeline and trace back to “patient zero”

Additional Information

We pride ourselves in offering an excellent benefits package, including an above average pension scheme. When you join the team at NEC Software Solutions, you are provided with the following:

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost) 
• 25 days paid holiday with the option to buy/sell 
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A selection of flexible benefits to suit your individual needs 

Candidates must be able to demonstrate a pre-existing right to work and travel within the UK. Documentary evidence will be required.

All offers are subject to satisfactory vetting and reference checks. Depending on the nature of the role a Disclosure Barring Service (DBS) check may also be required.

NEC Software Solutions is an equal opportunities employer, welcoming applications from all communities. If you require any reasonable adjustments or have specific accessibility needs during the recruitment or interview process, please feel free to share these with us. We are committed to ensuring an inclusive and accommodating experience for all candidates.

Who We Are:

We’re NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad, our software is helping to dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.

Working with us, you’ll be helping our 3,000+ employees push the boundaries of what’s possible and support amazing public services.

We work with governments, hospitals, police forces, housing providers, local authorities and more. We help them pay financial support faster, speed up treatments for patients and respond to emergencies in the right way. The more we do, the more our customers can do for others. And together, we make a world of difference.

We’d love your help. And we’ll support you all the way.