Security Engineer

Digital Shadows is fast growth company with offices in London, San Francisco, Dallas, Frankfurt and Singapore. Our mission is to protect organizations from external digital risks across the open, deep, and dark web. We do this by providing relevant threat intelligence, context, expertise, and remediation that enables organizations and security teams to focus on their core business in the digital era. Our SearchLight™ service combines scalable data analytics with threat intelligence analysts to monitor for cyber threats, data leakage, reputation risks and a whole lot more. You can learn more about us at www.digitalshadows.com or review the Forrester New Wave report where we were named the leader in Digital Risk Protection.

We are currently seeking a UK-based Security Engineer to join our Security team. This position will play a critical role in our security program, and the successful candidate will be empowered to drive the program forward. The Security Engineer will be responsible for evaluating and implementing security solutions as well as detection and response activities. The Security Engineer will be a self-starter, able to work independently in a fast-paced, global, and dynamic working environment.

Role and Responsibilities

• Administer security tools and platforms
• Configure, monitor, and respond to endpoint, network and SIEM alerts
• Participate in incident response activities
• Identify, track & resolve vulnerabilities as part of the vulnerability management program
• Conduct internal and 3rd party risk assessments
• Participate in internal security assessments such as Purple Team exercises
• Develop technical solutions and security tooling to help to automate repeatable tasks
• Maintain security control/framework documentation

Requirements

• 4+ years information security experience
• Knowledge of and experience with programming/scripting (e.g., Python, Bash, PowerShell)
• Experience with a broad range of security solutions including: Next-Generation Firewalls, Network Security Monitoring, ‘Security Information and Event Management’, ‘Security Orchestration, Automation and Response’, ‘Endpoint Detection and Response’, and Vulnerability Management tools
• Experience building and maintaining security systems
• Experience with intrusion detection, incident response, and remediation
• Experience administration, securing, and vulnerability management of Windows, Linux/Unix, or macOS systems
• Ability to work independently and effectively in a fast paced, dynamic working environment
• Excellent problem-solving skills
• Proactive, positive, self-starter, with strong organisational skills.
• Highly self-motivated
• Willingness to learn and stay up-to-date on threats and vulnerabilities

Desirable:

• Experience monitoring and securing AWS environments (e.g., CloudWatch, CloudTrail, Inspector, GuardDuty, Evident.io, Dome9)
• Experience deploying CASB and or SASE solutions
• Security certifications such as GIAC GSEC, GIAC GCIH, CEH, or similar
• Open Source Intelligence (OSINT) skills
• Experience with Application Security (e.g., SAST, DAST, etc.

Benefits

• Competitive Benefits Package, including equity
• Spirited, fun office with regular outings/events (in a normal year!)
• Public speaking opportunities if is interested in building personal/professional brand
• Flexible working options