Senior Cyber Security Engineer
London, England, United Kingdom
Applications have closed
Evaluate
Trusted commercial intelligence, consensus forecasts, Vantage news and analysis for pharma, biotech and medtech industry - Explore Evaluate#hybrid
Evaluate Ltd is a major international company providing outstanding market intelligence services for the Pharmaceutical, Medical Device , Financial and Consulting sectors, through the Evaluate Pharma®, Evaluate Medtech®, Evaluate Omnium and Evaluate Vantage® online brands. Our international clients in Pharma and Biotech, Medtech, Banking and Consultancy regard Evaluate Pharma® as the industry’s gold standard for timely and accurate analysis of reported drug sales, consensus sales forecasts, R&D pipeline, markets and comprehensive company financials.
SCOPE OF THE ROLE
As a Senior Cyber Security Engineer, you will be central to Evaluate’s cyber security strategy. You will be responsible for helping define and implement an extensive and ongoing program of work encompassing:
- Technology - deploying and monitoring our cyber security technical controls
- People – advising, training and guiding to empower people to help manage cyber security risk
- Processes – reviewing and advising on our cyber security processes, identifying and implementing improvements.
This is predominantly a hands-on technical role which is also a key stakeholder in defining our cyber roadmap, ensuring our cyber security program continues to meet business requirements.
HOW YOU’LL SUCCEED
Reporting to the Head of IT, you’ll be working with all members of the IT and Technology teams on cyber security matters encompassing People, Processes and Technology:
- Deploy, configure and manage Evaluate’s comprehensive suite of cyber security tools, ranging from Managed Detection and Response (MDR) to Endpoint Protection
- Define and implement automated cyber security monitoring, including degree of compliance, across a varied cloud-based estate encompassing both legacy IT and modern DevOps practices
- Define and report on cyber security KPIs
- Contribute to developing Evaluate’s cyber security strategy
- Propose continuous improvements to keep pace with developing cyber security risks
- Help define and write our policies
- Assist with the creation, maintenance and delivery of cyber security awareness training for Evaluate staff
- Work with external service providers to complete regular security assessments and penetration tests
- Be a Subject Matter Expert on cyber security
- Work with our Engineering teams to ensure that cyber risks are well understood & suitably prioritised in project backlogs
- Support our Engineering teams on major product launches or environment changes to ensure that cyber risks are assessed and dealt with
- Participate in a security incident response on-call rota
- Contribute to our team-based risk assessment process; identifying, recording, assessing, and mitigating risks
- Advise on the implementation of a cyber security framework
- Participate in the Cyber Security Committee, reporting on key cyber security metrics and our current risk profile.
Requirements
WHAT IT TAKES
- Relevant cyber security experience
- Degree in computer science, information systems, or a related technical discipline or equivalent professional experience directly related to cyber security or network defence
- Sysadmin-level competence in most of the following technologies: Azure, Active Directory, M365, AWS, networking, Windows, Linux, PKI & certificate authorities; containerisation (docker & Kubernetes); Terraform, Intune, CloudFront
- Strong working knowledge of common security tools, such as a SIEM, MDR, vulnerability assessment, WAF, IDS/IPS
- Proven knowledge and experience of industry standards and best practice e.g. Cyber Essentials, NIST, ISO 27001
- Experience in security education and policy management
- Experience in incident response and incident management
- Working knowledge of UK GDPR
- A demonstrated ability to analyse and prioritise security risks
- Close attention to detail
- At least one advanced cyber security certification e.g. Certified Information Systems Security Professional (CISSP); Systems Security Certified Practitioner (SSCP); GIAC Information Security Professional (GISP); Certified Ethical Hacker (CEH).
Benefits
WHAT WE OFFER YOU
- 25 days holiday (increasing to 30 over 9 years) + 8 bank holidays
- Value you day - one additional wellbeing day on top of your holiday allowance
- Pension plan - company contribution of 6.7% rising to 10% after 12 months service
- Life Assurance 4 x salary
- Employee Assistance Programme (EAP)
- Private Medical Insurance*
- Corporate Gym Membership/Discount*
- Flexible working and flexitime policies
- Season Ticket Loan*
- Cycle to Work Scheme
- Maternity, Paternity & Adoption leave- including enhanced leave for 2+ years' service
- Shared parental leave
(*following successful completion of probation period.)
Evaluate is an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age. Our ethos is to respect and value people’s differences, to help everyone achieve more at work as well as in their personal lives so that they feel proud of the part they play in our success. We believe that all decisions about people at work should be based on the individual’s abilities, skills, performance and behaviour and our business requirements. Evaluate operates a zero tolerance policy to any form of discrimination, abuse or harassment.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory AWS Azure Banking CEH CISSP Cloud CloudFront Compliance Computer Science DevOps Docker GDPR GIAC IDS Incident response IPS ISO 27001 KPIs Kubernetes Linux Monitoring NIST PKI R&D Risk assessment Security assessment Security strategy SIEM SSCP Strategy Terraform Windows
Perks/benefits: Career development Fitness / gym Flex hours Health care Insurance Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs