Cyber Security Engineer

USS

Cyber Security Engineer

Business Area: IT

Place of Work: Liverpool

Contract Type: Permanent

Hours: Full Time

The Universities Superannuation Scheme (USS) has circa 396,000 members, and over £60 billion in assets, we’re one of the largest private pension schemes in the UK and in the top 50 worldwide. Established in 1974, we’re entrusted by over 350 higher education sector employers to manage and administer the pension scheme and its investments through our two companies, Universities Superannuation Scheme Limited and USS Investment Management Limited.
 
Our mission
To be the pension service of choice for the higher education sector for the long-term
 
The role
The Cyber Security Engineer will play an integral part in ensuring that all USS systems are Securely implemented and maintained. They will have a strong awareness of the cyber security threat landscape, SIEM tools, firewalls and boundary controls coupled with excellent troubleshooting and investigating skills. They will have a solid understanding of threat analysis and cyber threat intelligence, the ability to look at complex threats and be confident regarding forensic analysis and surrounding techniques.
 
Key responsibilities
Support, maintenance, development and governance of all security platforms including but not limited to SIEM, NAC, Vulnerability Management, Firewalls, 2FA, Endpoint Security, e-mail security and web security. 
Ensure that all security incidents, alerts and exceptions are responded to in accordance with established procedures. 
Conduct advanced network, endpoint, and log analysis to determine the root cause and impact of any security incidents or events and remediate where necessary. 
Produce regular vulnerability reports to demonstrate USS compliance and security posture. 
Track cyber threat actors/campaigns based off data from security toolsets, technical analysis and open source intelligence with a view to highlighting and remediating any identified risk. 
Provide support to vulnerability analysis, penetration testing and compliance monitoring activities. 
Lead on remediation of system vulnerabilities through patching and updates as part of planned and emergency maintenance processes across the platforms.
Building security into BAU processes 
Technical documentation of current and newly implemented solutions.
Act as a technical escalation point for security events for other engineers, developing them through mentoring and handover.
Working with internal teams to ensure that the USS security posture remains at acceptable levels whilst retaining security certifications and validation as required by internal and external audit.
Be proactive in approach and keep abreast of emerging threats to be considered by USS. Gather information about threat landscape and breach exposure from existing or suggested tools to provide the assurance of security status on the USS infrastructure.
Assist with auditing requirements in relation to IT Security – reports, checks, evidence with both internal and external auditing functions.
Work closely with third parties to ensure the effectiveness of the tools in place.
Ensure change control is followed within the USS change control process.

Customer Focused Service:
With customer services a priority for the Technology Services function, provide the team with the business knowledge to understand how our organisation works enabling the correct prioritisation of work. 
Engage with key stakeholders on a regular basis, encouraging an open and collaborative communication stream across both Liverpool and London departments.

Project Management:
Working with project teams, both technical and management, plan technical implementations keeping in mind security impact and on-going support. Ensure project handover is completed prior to any project being closed. 
Have technical input into Infrastructure technology decisions.

Maintenance & Recovery:
Assist Monitoring & Compliance Analyst with escalations relating to daily tasks under the umbrella of patching and maintenance, ensuring the USS infrastructure is secure and stable for all users.

Governance:
Assist senior management with policy and procedure governance ensuring it is up to date.
Assist Monitoring & Compliance Analyst to produce reports packs as identified requirements from across the business.
 
Your experience
Essential 
Strong experience and knowledge of using Security Information and Event Management tools such as Splunk.
Strong experience and knowledge of implementing and supporting Network Access Controls such as Forescout.
Strong experience and knowledge of implementing and supporting Next Gen Firewalls such as Palo Alto.
Strong understand of Network, Data Centre and WebApp security.
Experience with vulnerability management tools such as Nexpose.
Strong understanding of the cyber threat landscape
Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents
Familiarity with security vulnerabilities, exploits, malware and digital forensics
Ability to work independently.
Writing and delivering reports as identified.
Excellent communication and collaboration skills.
Able to effectively manage a technical workload both project and BAU.
Advanced problem-solving skills.
Desirable
Good understanding of Citrix NetScaler
Good understanding of SolarWinds.
Good understand of Linux and Windows operating systems.
Good understand of Office365 & Cloud networking technologies.
Experience working in investment management and associated technologies involved within that financial area.
Forensic event methodology.
Knowledge of internally managed PEN testing tools.
CISM, CISSP, CEH or another security qualification

USSL is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Bookmark this page on

or email this job to a friend

Please rotate your device to Landscape (horizontal) mode in order to use this application.