Ergomed plc is a public company listed on the London Stock Exchange, with its Headquarters in Guildford, Surrey.  The company employs more than 1,400 people across 20 offices globally. 

It is a rapidly growing and successful company.  This success is due to the hard work of our highly skilled employees and our subsequent reputation for excellence with our clients.

The Cyber Security Engineer will be responsible for working with a range of tools and technologies in order to maintain a secure cloud-first computing environment globally in 20 offices.

This is a varied position that will allow you to work across the technology stack in the business.

You will ensure our business assets are protected in line with the corporate information security program and that compliance is achieved against a variety of technology regulations and requirements present in the pharmaceutical industry.

You will identify, evaluate, manage, remediate and report on information security risks across servers, endpoints, identities, data stores and the network.  Reporting directly to the Senior Director of Information Security, you will be part of a new team with the opportunity to contribute to how the job should be done.

As part of the new security operations team, you will liaise closely with infrastructure and support teams to ensure availability of systems is maintained while carrying out your security work.

The opportunity will suit someone who has performed in a desktop support role with exposure to enterprise-wide security tasks such as anti-virus, patching and endpoint management who would now like to add experience with servers and network devices, plus pure cyber skills, such as malware analysis, firewall and intrusion management to their CV.

The position would also suit someone with experience of working in a SOC who would now like more variety and closer contact with the technology.  This role will see you working with any and all of the various security products across the company.

Key Responsibilities:

·       Day to day oversight of the desktop and server patch program to ensure rapid remediation of all published Microsoft vulnerabilities affecting our IT estate.

·       Day to day management of the vulnerability scan program to ensure full visibility of vulnerabilities across all devices and software.

·       End to end malware management, from analysis to creation of blocking rules.

·       Assessment of new threats as alerted by our threat intelligence feeds.

·       Response to suspicious activity as part of incident response and security event management.

·       Creation and management of rules across the various management consoles deployed to secure the enterprise.

·       System access reviews to ensure the principle of least privilege is adhered to.

·       Mobile device management using Microsoft Intune/Endpoint Manager.

·       Reviewing, managing and remediating security alerts across the Microsoft Defender suite.

·       Creation and management of rules in Azure AD, such as MFA and conditional access.

·       Management of remote access granted to our third-party partners.

·       Windows desktop and Windows server security hardening.

·       Firewall rule management to ensure the principle of least privilege is maintained.

·       All other cyber security related tasks that arise from protecting an enterprise.

Technical cyber security qualifications would be preferred, such as Security+, CYSA+, CEH.

Any of the Microsoft information protection, Office 365, identity and access, security engineer or security operations exams would be very welcomed.

Special Skills:

·       Strong analytical, problem-solving, critical thinking ability.

·       An eye for detail that will make you question what you see in an audit log.

·       An appetite and passion to always learn new technologies and push yourself to be a better engineer.

·       A security mindset, always thinking "what if an attacker tried this?"

·       Excellent people skills capable of working seamlessly with support teams in the IT department even when under pressure.

Full-time position
Competitive salary and benefits
Remote working with requirement to visit the office in Guildford usually just once per week.