Senior IT Security Operations Engineer
Centrica Energy Trading A/S is looking to expand its IT Security team by adding a Senior IT Security Operations Engineer to the office in Aalborg, Denmark.
This role will be a key contributor to advancing the enterprise-wide information security program and ensure data, information assets and critical infrastructure is protected. You will be a key technical and strategic resource that identifies, implements, manages and supports security solutions and security tool stacks to mitigate cyber threats and vulnerabilities.
This role is focused on ensuring that the company’s global network infrastructure is meeting all security operational performance and reliability targets. The role is responsible for all security operational activities related to our cloud or on-premise network infrastructure, engaging with partners and vendor demands, and assisting the architecture and engineering team with delivery of new technology as required.
Taking it further
We are looking for someone who thrives on continuously making thing better. You will be working with network engineers, cloud engineers, developers, service desk staff and external partners. You have an eye for detail, and you are motivated by continuously chasing vulnerabilities and mitigating them. You will get the opportunity to shape the IT security posture of the company. You set the direction and drive initiatives. This role is operational and not an administrative role.
- Identify security risks and create technical solutions to mitigate threats.
- Enhance our security posture through follow up and management of vulnerability management frameworks
- Work closely with our SOC provider to continue to enhance and develop our SOC framework.
- Work closely with our network team to further strengthen our network security posture
- Participate in technology selection, implementation, and daily operation of our Security frameworks
- Put forward remediation initiatives to mitigate risks.
- Assists in the implementation and enhancement of patch management processes
- To serve as technical security leads for large complex projects that involve cross-functional teams
- Work with Development teams, and have an awareness of development methodologies
- Able to engage with and report into Corporate level Information Security professionals
- Experience of managing the "whole" environment (EUC, LAN, WAN, Data centers, Cloud)
- Able to engage with Senior business stakeholders and present in a way that can be understood by non-technical people
What do we expect from you?
You always push to continuously improve on a personal level, but also on a technological level. You are curious, driven and motivated by involving yourself in complicated challenges in a fast paced 24x7 environment consisting of a lot of moving parts. You have good English written and verbal skills and you are not afraid to speak your mind.
It is expected that you will be "self-sufficient" and able to lead the Security Operations environment. You will be expected to drive Security standards within the trading business, be able to work as part of a larger Information Security function that sets guidance at a corporate level. A key requirement of the function will be an ability to implement the "correct" service for the trading business, whilst maintaining adherence to corporate standards.
There is an expectation that the right person would, over time, start to increase the remit and responsibility within the Information Security function to include ownership of the UK based trading business to ensure a level of consistent reporting, tool sets and engagement. This is a role that offers a fantastic opportunity to expand and grow as well as providing experience of working in a truly global trading business.
You have 8+ years of experience from the area of Information security engineering and IT security operations.
- Expert in the concept of Identify, Protect, Detect, Response & Recover
- Experience with risk assessment tools, technologies, and methods
- Expertise in designing secure networks, systems, and application architectures
- Cloud platform and on-premise experience
- Automating security test processes and procedures
- Some forensic capabilities and experience
- Have or be in process of obtaining advanced certifications pertinent to area of expertise
- Knowledge and understanding of modern cyber threats
- Knowledge of fundamental mechanism of Cybersecurity defenses (Firewalls, IPS, System Hardening, AV, DNS Security, ...)
- Knowledge of Threat Modeling
- Knowledge of scripting languages like Python / Powershell
- Knowledge of System Integration (MS Technology, OS Linux, VMWare, Networks and Data Centers, Security solutions)
- Experience from the energy sector or financial/banking industry a plus, but not a requirement
- Confident and experienced technologist that can discuss Info Sec related items with all areas of the technology team and business.
- Experience of working in a Global business would be beneficial
- A small level of International travel will be required
- You need to be eligible for PET security clearance and authorization.
We do not expect you to be able to check all these boxes, but if you can see yourself in this role, we would like to hear from you!
We can offer
If you can supply the willingness and the personal attitude, we can offer a work environment that will help you grow on a professional - as well as on a personal level. You will get firsthand experience within the energy sector and within a trading business - and you will join an international company with a proven track record and an ambitious growth plan! You will be joining a team consisting of different personalities and skillsets, but where the fundamental principle is pulling together. We offer flexible working hours and location. We offer a positive working environment characterized by expertise, responsibility, and innovation with a high degree of participation and decision-making influence.
Application due: 10/4/2020
Start date: 12/1/2020
Questions regarding the position
Head of IT Operations