Cyber Security Engineer

Consult Red are looking for an skilled Cyber Security Engineer with hands on experience to support staff in the UK, Poland and US.

Consult Red is an employee-owned company and a trusted partner to some of the world's largest brands. We're an R&D technology partner that develops cutting-edge 'Internet of Things (IoT) smart, connected products, video and broadband end-user equipment streaming TV devices, networks and platforms. Connected devices and systems developed by Consult Red are currently in more than 30 million homes around the world.

Our story started in 2003 when five friends founded the company in Shipley, West Yorkshire. Since then, we've grown a lot. We work with the world's leading media operators, including Liberty Global (Virgin, UPC), Comcast (Sky) and AT&T (Directv), and in the last 12 months alone we’ve grown our team in the UK, Poland and the US by 40%. We're now over 220 people globally, working collaboratively to provide an industry-leading consultancy service across software development, hardware, embedded, and cloud technologies.

We're proud to be an employee-owned business.  At Consult Red, everyone has a stake, and everyone has a say. The employees are the business owners, and we work together with shared values and purpose towards our common goals. We want every team member to feel empowered, have a say in our future, and share in our success. 

We are a fast-growing company and like many companies cyber security is becoming increasingly important to us and our customers. We recently achieved ISO27001 certification, but this is just the start of our initiative to improve our cyber security posture. We are committed to an ongoing programme of cyber security improvements ranging from infrastructure updates to company-wide awareness.

Our Cyber security engineer will be the first member of our IT team dedicated to cyber security. They will take a key role in many of our security initiatives. While hacks can be fiendishly complex the fundamentals of cyber security on day-to-day basis are straightforward, it is vital to be constantly aware of emerging vulnerabilities, to prioritise them and then remediate in the appropriate timescale. Maintaining our day-to-day cyber security in this fashion will a key responsibility for a new cyber security engineer.

This role is part of a global team of IT professionals that deliver in-depth technical services for the most critical applications and infrastructure to ensure that they are highly resilient against existing and emerging cyber security threats.

This role requires a hands-on individual, responsible for the implementation and maintenance of SOC-related infrastructure and a range of technologies. The main focus will be development and operation of our the SIEM infrastructure, with scope of responsibilities expanding into other technical information security projects.

• Monitor vulnerabilities from various sources, prioritisation and remediation
• Assist with technical design, implementation and maintenance of the technical security infrastructure and policies
• Implement and tune SIEM event correlation rules, logic, and content to filter out security events associated with known network behaviour, known false positives and/or known errors
• Work with the team to defend the company appropriately and practically, in accordance with established policies, procedures, guidelines and practices
• Prepare and document standard operating procedures and protocols. Contribute to the continuous improvement of security procedures and documentation
• Work with the Cyber Security partner and Customers Security Teams to monitor and research industry information sources for zero-day threats and vulnerabilities that impact the organisation
• Keep up to date with the latest security threats and technology developments
• Assist with Cyber Security awareness and communicating incident response updates
• Assist the IT team as where necessary - with primary focus on Cyber Security activities
• Assist with internal and external audits relating to cyber security
• Monitor and respond to phishing emails
• Familiarity with MS Defender Endpoint Management and other EDR tools such as Cynet
• Familiarity with automated vulnerabilities scanning such as Tenable
• Experience with analysing, processing and presenting data
• A good problem solver – able to analyse data and objectives and come up with a systematic solution
• Experience working within a similar cyber and Infosec engineering function
• Conversant with key security principles outlined in ISO27001 and Cyber Essentials plus with a flexibility to continually develop skills as security principles evolve
• A broad understanding of a wide range of technologies including tools such as EDR, vulnerability scanners, log monitoring, DNS filtering and SIEM systems
• A good working knowledge of IDS, IPS, network segregation and network access control
• Knowledge of IAM / PAM / privileged password management especially in relation to MS Active Directory
• Strong communicator, with the ability to communicate technical information to less technical colleagues

• Thorough with a good attention to detail
• Flexible and able to adapt as different demands are placed on the team
• Comfortable communicating at all levels
• Reliable, organised and pro-active
• Keen to learn and understand new things
• Diligent and will ensure important tasks are completed in a timely manner