SecOps Engineer at UKRI, Remote/Swindon, 10 Months, £Contract Rate

  • Contract Spy
  • Remote (Swindon, UK)
  • May 28, 2024
6 Months or more

Contract Description

 

SecOps Engineer Inside IR35

Contract Term: 10 months

Contracting Authority: UKRI

Location: Remote – infrequent travel to Swindon office

As a SecOps Engineer your main responsibilities will be: 

  • Work with our third-party supplier on implementing the DevSecOps capability for BS&I
  • Generate regular security reports summarizing security events and incidents, focused on utility, visual presentation, and ease of interpretation for the end user
  • Provide support on ad-hoc projects as required.
  • Stay informed about the latest security threats and vulnerabilities
  • Continuously monitor security alerts and events from various sources, including intrusion detection systems, SIEM tools, and log files
  • Act as third line/point of escalation from the third party on security incidents, anomalies, and potential threats.
  • Develop and execute incident response plans to mitigate security incidents promptly
  • Coordinate incident response efforts with relevant stakeholders, including other IT teams, third party suppliers, and management.
  • Document incident details, actions taken, and lessons learned for post-incident analysis
  • Identify and assess vulnerabilities in systems and networks
  • Prioritise vulnerabilities based on their severity and potential impact
  • Work with BS&I and other IT teams to remediate or mitigate vulnerabilities
  • Provide advisory guidance on configuration and security infrastructure, including firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs
  • Ensure security policies and access controls are properly configured and enforced
  • Create and maintain security policies, procedures, and guidelines
  • Provide advisory guidance and request prioritisation on the deployment of security patches and updates for operating systems and applications

 

You’ll have relevant experience in:

  • SC Clearance is an essential requirement for this role, as a minimum you must be eligible and willing to undergo these checks.
  • Strong knowledge of network security principles, including firewalls, VPNs and network monitoring
  • Proficiency in operating systems, especially in Linux
  • Familiarity with tools such as SIEM systems, antivirus software and vulnerability assessment tools
  • Experience with incident detection and response procedures
  • Understanding of cloud security principles
  • Awareness of web application security vulnerabilities and testing methodologies.
  • Chairing and facilitating issue resolution meetings with the ability to prioritise items to deliver
  • Strong people skills and a team player, working collaboratively and sharing information appropriately.
  • Building supportive, trusting and professional relationships with colleagues and stakeholders.
  • Focusing on delivering timely performance and taking responsibility and accountability for quality outcomes. Ability to deal with challenges in a responsive and constructive way. Keeping a firm focus on priorities and addressing issues transparently and promptly
  • Basing decisions on evidence and following agreed processes and policies, challenging appropriately