Over the past two decades, UKFast has grown from a start up to a multi-million pound business. We are one of the UK’s leading cloud, managed hosting and colocation providers - supplying dedicated server hosting, private, hybrid and public cloud hosting solutions, and a full range of technical and cybersecurity services. Dedicated to innovation and providing world-class solutions, we help transform our customers’ businesses, bringing together cutting-edge technology with multi-award-winning customer service and support. We support a full cross section of UK enterprise, from local businesses and charities, to global manufacturers and retailers, local and central Government, the NHS and the Ministry of Defence.
2021 is looking like a transformational year for our business following a large investment from the leading mid-market private equity firm Inflexion in 2020. UKFast is about to undergo a major change programme to enhance its existing proposition, build its Public/Hybrid Cloud offer, and refocus on targeting the most attractive customer segments. To support this change UKFast have an opportunity for an experienced Security Engineer to join our Security and Compliance Team. This is a crucial role that focusses on the Public Sector infrastructure and customer projects to ensure their compliance with government security standards.
As a Security Engineer at UKFast you will have the opportunity to use and develop your cyber security expertise within a team dedicated to ensuring the security of our customers’ data and systems as well as UKFast’s own underlying infrastructure, management and monitoring services.
Involving a wide range of technologies and the latest cloud platforms, you will have the opportunity to be involved in cyber security work from the design of new solutions to the destruction of data and equipment at the end of a projects life. Working with government security specialists such as accreditors and compliance bodies to provide assurance to our customers and diligence to the ongoing security posture of our systems.
Some of your major responsibilities include Security Audits, Security Remediation activities, internal vulnerability scanning and maintenance of our security monitoring platforms.
With opportunity to develop and gain experience of a wide range of Cloud technologies and cyber security solutions for both commercial and government needs, this is an outstanding opportunity to work within a team of dedicated security specialists in one of the UK’s leading managed cloud providers.
- Responsible for the Security of all Public Sector platforms and infrastructure.
- Ensure SIEM systems are operational, up to date and in line with UKFast SIEM systems.
- Analyse, develop and refine security monitoring controls, practices and use-cases to detect anomalies and incidents across the applications and infrastructure estate.
- Monitor activity upon specified information systems and devices. Identify and report suspicious, improper, malicious or harmful activity. To include regular and ad-hoc reporting
- Identification, escalation and reporting of security incidents and breaches. Co-ordination of responses to these breaches, assess the impact and improving the overall Incident Response process
- Develop and mature the Incident Response and Threat hunting capabilities.
- Development of Threat Intelligence capabilities and integrating with the security monitoring framework
- Undertake complex IR investigations into specific threats or security incidents both internal and external
- Establish and maintain good working relationships with DAIS Accreditors, PSN Authority and NHS Digital security representatives.
- Receive and review new vulnerability findings (e.g. CVE) and raise remediation tasks where required.
- Scheduling and carrying our periodic internal ITHCs on all Public Sector Systems.
- Create Remediation Plans for internal ITHCs and assign/carry out remediation activities.
- Creation of ITHC Scopes for 3rd Party testing.
- Create Remediation Plans for 3rd Party testing and assign/carry out remediation activities.
- Act as the lead point of contact for all 3rd Party ITHC.
- Carry out periodic manual security audits on all systems (old user accounts, installed software, firewall rulesets etc.).
- Report on Public Sector Security status as a minimum on a monthly basis to the Management Team.
- Carry out Security QA checks on all new Launch systems prior to customer handover (work with the Launch Project Manager and Tech Support Team Lead).
- Work closely with the Tech Support team to ensure Security Patching is being carried out.
- Obsolescence reviews and recommendations where Security may be impacted.
What you will bring
- Experience in managing cyber security incidents
- Working knowledge over a range of operating systems and platforms including: Windows Server, UNIX (Solaris, Linux), Stratus
- Working knowledge of hypervisors such as VMware, HyperV, Citrix and containerisation technologies such as Docker.
- Knowledge of syslog and event viewer
- Relevant experience in an Incident Response and Security Monitoring
- Working knowledge of networks: LAN, WAN, routers (Cisco), switches (Cisco), Firewalls (Cisco, Watchguard, FortiGate), remote access solutions (such as Pulse Secure), VPNs
- In-depth experience with SIEM tools with a strategic oversight on appropriate use case methodologies.
- Implementation of robust security monitoring use cases and threat hunting capabilities
- Working knowledge of security products: network based intrusion prevention systems, vulnerability assessment and compliance monitoring solutions, content management tools.
- Strong knowledge on Vulnerability Management, with proven record of Remediation plans to reduce the threats and risk to Information Assets
- Birthdays off as an extra paid holiday
- Private health insurance after one years’ service
- Full paid maternity leave for first 16 weeks and full paid paternity leave for 2 weeks after two years' service.
- Flexible working and work from home
- Award-winning training and education centre with four full-time teachers to help you obtain accreditations, develop and learn.
- Pearson Vue test centre on-site
- On-site gym
- Games zone with arcade games and retro consoles.
- Free onsite parking
- Table tennis and pool tables
- Team building experiences
- Weekly virtual quiz nights and team parties
- Volunteer days to help support our community and charity partners
- Active and engaged diversity groups with events and educational sessions arranged regularly
Know someone right for the job? Share the role on social media!