Security Engineer - Vulnerability Remediation Analyst
Portsmouth, Hampshire, England
Job Title: Security Engineer (Vulnerability Remediation Specialist)
Location: Portsmouth, Hampshire
Duration: 6 months
Outline Job Profile
My client - a leading Defence & Space giant - is seeking to fill a specific security role for a Data Centre programme in support of a Satellite System. The role on offer is both exciting and challenging for an initial period of six months and may involve some overseas travel. The candidate should be able to demonstrate the ability to work in a dynamic environment with initiative and minimal oversight and be able to fulfil the following Skill Set.
The Security Engineer skill set requires the responsible person to have a background of reviewing, mitigating and remediating configured large IT systems from known vulnerabilities with a practical background experience in Networks and Software System Security.
The Analysts primary functional role requires the candidate to undertake a number of differing tasks - including:
1. Review of expert findings alongside a Technical Assessment of reported vulnerabilities identifying mitigating and remediating solutions.
2. Review of suppliers Security Patching proposals challenging and supporting Security Patch Levels
3. Liaising with internal teams, suppliers and customers in the generation of revised Requirements Specifications.
4. Establishing and review of Test Procedures for use in verifying compliance for mitigation and remediation of vulnerabilities.
5. Managing the execution and witnessing of security verification activities, including direct hands on execution or as required the management of independent / 3rd party audit.
6. Tracking conclusion of mitigation and remediation activities, reporting on vulnerability status folding back into a project Risk Register.
7. Activities as directed by the Security Manager.
The role includes integration within a highly motivated team and for which the candidate will be expected to support secondary tasks including:
1. Technical Assessment of the Risk Exposure from identified vulnerabilities against a Threat Catalogue.
2. Identification of mitigations, moderating risk exposure.
3. Generation of Risk Reports.
4. Liaising with our Customer in support of corroborating status and review of the Risk Analysis.
5. Supporting Accreditation Datapack generation.
6. OS Lockdown definition, implementation and validation.
The candidate will need to be highly proactive and be able to rapidly learn on the job demonstrating the ability to operate both cohesively within a multi-disciplined team as well as independently under guidance from engineering and security management.
1. Report Writing and Technical Presentation
2. An understanding of Vulnerability and Incident management (analysis, assessment, mitigation).
3. Understanding Network Security: ACLs, Firewall Rules, DMZs
4. An understanding of Network attack Methodologies
5. Linux and Windows operating Systems, specifically Security enforcing mechanisms.
6. Virtualisation technologies.
7. Experience of nmap / Nessus and related Security Toolkits e.g .Kali Linux
8. Compliance/Audit experience.
9. CISSP or related certification
1. Security Risk and Threat Analysis
2. DOORs Requirements Management; MS Office
3. OS Lockdown principles
The recruiter has stated that all applicants for this job should be able to prove they are legally entitled to work in the UK. Carbon60 is a trading name of Carbon60 Limited an Employment Business/Agency.
- £ 0.00 - 0.00 Per year
- Full time
Posted 13 Feb 2018
Closes 15 Mar 2018
This job was posted to: Project manager