The Cyber Security Engineer will be responsible for working with a range of tools and technologies to maintain a secure cloud-first computing environment across 20 offices globally.
This is a varied position that will allow you to work across the technology stack in the business.
You will ensure our business assets are protected in line with the corporate information security program and that compliance is achieved against a variety of technology regulations and requirements present in the pharmaceutical industry.
You will identify, evaluate, manage, remediate and report on information security risks across servers, endpoints, identities, data stores and the network. Reporting directly to the Senior Director of Information Security, you will be part of a new team with the opportunity to contribute to how the job should be done.
As part of the new security operations team, you will liaise closely with infrastructure and support teams to ensure availability of systems is maintained while carrying out your security work.
The opportunity will suit someone who has performed in a desktop support role with exposure to enterprise-wide security tasks such as anti-virus, patching and endpoint management, and who would now like to add experience with servers and network devices, plus pure cyber skills such as malware analysis, firewall and intrusion management, to their CV.
The position would also suit someone with experience of working in a SOC who would now like more variety and closer contact with the technology. This role will see you working with any and all of the various security products across the company.
· Day-to-day oversight of the desktop and server patch program to ensure rapid remediation of all published Microsoft vulnerabilities affecting our IT estate.
· Day-to-day management of the vulnerability scan program to ensure full visibility of vulnerabilities across all devices and software.
· End-to-end malware management, from analysis to creation of blocking rules.
· Assessment of new threats as alerted by our threat intelligence feeds.
· Response to suspicious activity as part of incident response and security event management.
· Creation and management of rules across the various management consoles deployed to secure the enterprise.
· System access reviews to ensure the principle of least privilege is adhered to.
· Mobile device management using Microsoft Intune/Endpoint Manager.
· Reviewing, managing and remediating security alerts across the Microsoft Defender suite.
· Creation and management of rules in Azure AD, such as MFA and conditional access.
· Management of remote access granted to our third-party partners.
· Windows desktop and Windows server security hardening.
· Firewall rule management to ensure the principle of least privilege is maintained.
· All other cyber security related tasks that arise from protecting an enterprise.