- Company Name
- Ampa - Legal & Professional Services
- Job Title
- Information Security Engineer
- Job Description
-
Ampa are seeking an experienced, highly skilled and motivated Information Security Engineer to join our dynamic team due to continued growth.
What you will be doing:
This role involves implementing, managing and monitoring our organisation's security platforms to protect against cyber threats and vulnerabilities. The ideal candidate will possess a deep understanding of network and application security, incident response, and vulnerability management. They will work as part of the Information Security team but will collaborate extensively with other IT teams, to ensure the safety and integrity of our systems and data while working within existing frameworks.
Key Responsibilities
Security Platform Management:
Implement and maintain security solutions such as firewalls, intrusion detection/prevention systems (IDS/IPS), Network Detection and Response tools, Email Security tooling, SIEM technology, Encryption, and access control systems to protect a Windows based Hybrid Cloud Environment.
Support our transformational and ongoing move to the Cloud and have extensive experience of securing supplied services (SaaS, PaaS etc).
Configure and manage security appliances and software for the protection of network, servers, and data on premises and in the cloud.
Develop and enforce security policies, standards, and guidelines to improve the groups security posture.
Incident Management
Be responsible for and report on system alerts from monitoring systems related to security and the ongoing function of tooling.
Assist security teams to provide investigation into security related incidents, ensuring tooling delivers the information required.
Develop New Security Systems
Improve company security posture by building new systems that provide greater control or visibility for the analyst team.
Work with the projects team to ensure that they are developed with security in mind and use the most appropriate technologies while aligning with the group's architectural principles.
Participate in the groups Technical Design Authority meetings to present new projects and support development by other teams.
Make recommendations of ways the security posture can be improved.
Vulnerability Management & Risk Assessment:
Help conduct regular vulnerability assessments and Security Control testing to identify weaknesses in systems and networks. Using this information to further secure the network.
Perform risk assessments and help design strategies for mitigating potential security threats.
Collaborate with development teams to ensure security best practices are embedded into the software development lifecycle (SDLC).
Security Audits & Compliance:
Help ensure compliance with industry regulations by assisting with regular security audits and reviews.
Assist in preparing for external audits and assessments by ensuring appropriate documentation and reporting.
Collaboration & Knowledge Sharing:
Work closely with IT teams, management, and other departments to ensure that security measures are effectively integrated into all aspects of the organization.
Work harmoniously with other IT teams to assure smooth implementations of changes.
Keep abreast of the latest cybersecurity trends, emerging threats, and technologies to maintain a cutting-edge defence posture.
What you will need:
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
Proven experience (3+ years) in cybersecurity, network security, or IT security roles.
Strong knowledge of security protocols, Cryptography, and Threat Intelligence.
Hands-on experience with security tools and technologies such as firewalls, SIEM (Security Information and Event Management) systems, XDR, intrusion detection/prevention systems (IDS/IPS), vulnerability scanners, and endpoint protection solutions.
Proficiency with operating systems (Windows, Linux, Unix) and networking protocols (TCP/IP, DNS, HTTP, etc.).
Proficiency with virtualised environments and devices.
Experience with cloud security (Azure, O365 etc).
Familiarity with security frameworks and standards (NIST, ISO 27001, CE+, etc.).
Strong understanding of risk management and the ability to perform vulnerability assessments and penetration testing.
Ability to analyse and respond to security incidents in a timely and effective manner.
Preferred Skills and Qualifications
Industry certifications such as SSCP, CEH, SC-200 or AZ-500 or similar.
Experience with scripting or automation tools (e.g., Python, Bash, PowerShell).
Familiarity with security tools like Wireshark, Qualys, Metasploit, etc.
Knowledge of DevSecOps principles and practices.
Experience in secure coding practices and application security.
Ability to communicate technical issues to non-technical stakeholders.
Personal Attributes
Strong problem-solving and analytical skills.
Attention to detail with the ability to prioritise tasks effectively.
Excellent written and verbal communication skills.
Ability to work under pressure and in high-stress situations.
Strong team player with the ability to collaborate effectively across departments.
Self-motivated with a passion for continuous learning in the cybersecurity field.
Benefits, Agile Working and Additional information
We embrace agile working and offer a blended approach to where and how we work.
We appreciate that people have different needs and preferences and we’re keen to be flexible, after all, we value what you do, not where you do it.
We have the following hubs across the UK: Birmingham, Bristol, Leicester, Lincoln, London, Milton Keynes, Nottingham, Solihull, Stratford upon Avon, Sheffield and in the South; Crawley, East Grinstead, Lewes, Brighton, Eastbourne, Seaford, Peacehaven, Storrington, Chichester & Southampton as well as our Scotland office located in Edinburgh.
Additional information
Want to find more about our amazing benefits ?
-------------------------------------------------------------------
Please be aware, for some vacancies, where we receive high numbers of applications we may need to bring the close date forward.
Due to the nature of the work undertaken, confirmation of employment will be subject to a variety of checks which will be carried out once an offer of employment is accepted. Details of the checks can be found here.
Equal opportunities
Ampa Group is a committed equal opportunities employer. We seek to attract, develop and retain talented people from a diverse range of backgrounds and cultures. We value and respect individuality and encourage a culture within our business where people can be themselves and be valued for their strengths and experiences. Everyone who either applies to or works for the firm is treated equally, regardless of their gender, age, ethnic origin, nationality, marital status, sexual orientation or religious beliefs.
About Ampa Group
Welcome to Ampa - a leading group of legal and professional services brands, home to leading legal services firms such Shakespeare Martineau, Lime S...
