Senior Security Engineer - Cyber Threat Response

Newcastle upon Tyne, United Kingdom

Xplor

We are the first global company integrating smart software, seamless payments, and Commerce Accelerating Technologies. We help our customers achieve more growth, faster.


Company Description

At Xplor, we believe that helping people make the most of each day is the most rewarding way to spend ours.

We give small and medium-sized businesses cloud-based, intuitive technology solutions that enable them to manage all the hassles of running and growing a business, so business owners can get back to doing what they love. With Xplor Pay, we help businesses get paid quickly and securely – without hidden fees. We built the tech ourselves, and our platform delivers secure, transparent, fast, and accurate payments.

We are unified by our purpose of helping people to succeed. So, when you become part of our team, you also become part of the personal connection that strengthens the relationship people have with Xplor products.

Job Description

About the opportunity

Join our Central Technology Team to make a real impact every day. We say that because we know that every line of code we write, every interface we design and every conversation we have is another opportunity for us to enrich our customers’ experiences.

Our Security Engineers (CTR) are the front line for the security of our platforms and applications. The role prepares for, and responds to, security events and incidents across our systems.

*** MICROSOFT/AZURE SENTINEL EXPERIENCE REQUIRED ***

Some of the other responsibilities include:

  • Preserve the confidentiality, integrity and availability of our information so that it can be safely shared and used to drive our growth and innovation - enabling information confidence
  • Mitigate the business loss arising from security issues by understanding security risk, monitoring for threats and responding to events appropriately within agreed hours
  • Integrate with our other security functions to ensure that known attack patterns are covered by our defences.
  • Improve the signal-to-noise ratio of alerting and develop incident response workflows that can be automated.
  • Perform security monitoring gap analysis using the MITRE ATT&CK framework and build a corresponding process/framework for continuous evaluation and increased detection coverage.
  • Work collaboratively as part of the Cyber Threat Response team during incident response, event monitoring, and threat-hunting activities.
  • Threat intelligence analysis, response and summary
  • Cyber threat analysis support, research, and recommending appropriate remediation and mitigation.
  • Deep understanding of several of the following fields: Email security (including PDF and Document analysis), digital media forensics, monitoring and detection, incident response, vulnerability assessment, penetration testing, cyber intelligence analysis, and network analysis
  • Trending and correlation of monitored events to build new Indicators of Compromise (IOC), attack attribution, and helping establish countermeasures increasing cyber resiliency.
  • Identification of advanced cyber threat activities, Endpoint Detection and Response, intrusion detection, incident response, malware analysis, and security content development (e.g. signatures, rules, etc.)
  • Being flexible to work through incidents as needed

About our Central Technology team

At Xplor, we have many different products and technologies. We have evolved from a bunch of start-ups into a single company with over 700 Xplorers who work in our CT team as one team across the world. You can find everything from super modern to older languages. We continue to iterate on our processes and technologies to find common ground between the different projects and products we have.

With this, we rely heavily on our engineers to be dynamic. Xplor is not the company (yet) where you’ll always have well-defined requirements and rigid processes. Our Engineers have a lot of input into the process and requirements. However, there can be challenges and ambiguity you as an Engineer have to overcome – and we know that’s not for everyone. The positive side of this is that you get to have a lot of say and ownership in the product and the process.

Qualifications

What would make me a good candidate?

We are looking for people who want to make a difference in Security.

Required qualifications for this role:

  • Minimum of 2-4 years’ experience in Security Operations
  • Ability to manage Security Incidents through the Incident Handling process.
  • Basic-level understanding of ATP, EDR, API security and identity management.
  • Security incident response and triage, with the ability to perform root cause analysis. Sound understanding of different log sources and event correlation.
  • Security use-case development and fine-tuning based on the requirements (hands-on experience with Microsoft Sentinel/Kusto Query language preferred).
  • Developing and improving incident response plans and working with team to contain identified threats.
  • Tuning threat detection to minimise noise and amplify signal.
  • Input to new SOC workflows/metrics, reports, dashboards and processes to improve SOC scalability and efficiency.
  • Maintaining proficiency by following the latest trends and developments in cyber security.
  • Perform security automation to solve security use cases within the organization & continually improve threat detection capability and accuracy.
  • Domain knowledge of Cyber Security, Threat Hunting (Active hunting on network flow, user behavior and threat intelligence), SIEM - Azure Sentinel, Ability to Comprehend Logs (HTTP, SMTP, Network), Windows Active Directory, Operating systems and servers.
  • Well-versed in different attack vectors/TTPs and able to simulate non-invasive attacks as needed.
  • Ability to collaborate and implement new approaches for detecting attacks and effective containment techniques, including scripting, analytics, and automation.
  • Experience working with a selection of SIEM, TIP, malware analysis, and multiple sources of threat intelligence to properly categorize suspicious behavior.
  • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills.
  • Must be a critical thinker, with strong problem-solving skills.
  • Ability to work independently, enjoys learning, and stays current with industry developments, regulations, and best practices.
  • Preferred Security certifications such as GCIH, AZ-500 & AZ-900, SC-100/SC-200
  • Hands-on experience with SIEM/SOAR in the analysis of and/or response to information security threats or incidents.
  • Experience in performing health checks, tuning and optimisation, and integrating log sources into SIEM/SOAR technologies.
  • Install, configure, build and fine-tune SIEM/SOAR tools to set up an effective information security support/operations capability.
  • Hands-on knowledge of correlation rule creation, update and deletion.
  • Basic understanding of ITIL processes and ISO/PCI DSS, including Change Management, Incident Management, and Problem Management.

Desired Qualifications:

  • Experience working with Jupyter Notebooks for threat hunting planning
  • Knowledge of Python, PowerShell

At Xplor, we believe that the best innovation and ideas happen at the intersections of our differences - people of diverse cultures, generations, disciplines, and lived experiences. So even if you think you do not tick all the boxes, we still encourage you to apply.

Additional Information

What does it mean to work for Xplor?

Our four core values - Make life simple, Build for people, Move with purpose and Create lasting communities - are key to who we are and guide us from how we hire to how we recognise our team members.

Life at Xplor

You’ll be part of a global network of talented colleagues who support your success. We look for commonalities and shared passions and give people the tools they need to deliver great work and grow at speed. 

Some of the perks of working with us: 

  • Gender-neutral paid parental leave for both primary and secondary carers
  • #GiveBackDays/Commitment to social impact – 3 extra days off to volunteer and give back to your local community
  • Ongoing dedication to Diversity & Inclusion initiatives such as D&I Council, Global Mentorship Program
  • Access to free mental health support
  • Flexible working arrangements

May be considered for a discretionary bonus 

#LI-remote

We understand that diverse candidates have diverse needs. We welcome you to inform us of any additional needs related to completing your job application or participating in the interview process, via talent@xplortechnologies.com. 

More about us 

We're the first global platform combining SaaS with embedded payments, and tools to help businesses grow and succeed. We offer software solutions in fast-growing ‘everyday life’ verticals: Education, Fitness & Wellbeing, Field Services and Personal Services – and a global, cloud-based payments processing platform. Xplor Technologies serves over 106,000 customers that processed over $37 billion in payments, operating across 20 markets in 2023.

Good to know

To be considered for employment, you must be legally authorised to work in the location (country) you're applying for. Xplor does not sponsor visas, either at the time of hire or at any later time. 

We kindly ask you to apply through our careers portal or external job boards only. Please don't send your application via email. 

To learn more about us and our products, please visit www.xplortechnologies.com/gb/careers.

We also invite you to check out our Candidate FAQs for more information about our recruitment process www.xplortechnologies.com/us/recruitment-faqs.

Xplor is dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability and age. Applications are encouraged from all sectors of the community.

We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant.

