Cyberfort

cyberfortgroup.com

1 Job

141 Employees

About the Company

At Cyberfort we are passionate about the cyber security services we deliver for our customers, which keep their people, data, systems and technology infrastructure secure, resilient and compliant.

Our business offers National Cyber Security Centre assured Consultancy services, Identification and Protection against cyber-attacks, proactive Detection and Response to security incidents through our security operations centre and a Secure and Recover set of Cloud solutions which keeps data safely stored, managed and available 24/7/365.

Over the past 20 years we have combined our market leading accreditations, peerless cyber security expertise, strong technology partnerships, investment in our future cyber professionals and secure locations to deliver a cyber security experience for customers which enables them to achieve their business and technology goals in an ever-changing digital world.

Listed Jobs

Company Name
Cyberfort
Job Title
Cyber Security Engineer - Defence
Job Description
Job Title:
Cyber Security Engineer
Reporting to:
Head of Defence and Aerospace Consultancy
Location:
Remote with travel to customer site (Feltham)
Role Requirements:
Must hold a current government security vetting at SC level or be eligible to obtain such clearance.
Must be currently resident in the UK.
Must have resided in the UK for the last 5 years consecutively.
Desirable
Previous experience within defence.
Delivering Security within agile projects
Reward Package:
Salary Package - £65,000 - £85,000 DOE
25 days annual holiday + Birthday off in addition and option to buy/sell additional 5 days
Company Pension Scheme
Private medical Cover
Life Assurance
Extensive non-taxable benefits
THE ROLE
This is an exciting opportunity to join our world class Consultancy arm, as a Senior/Lead Cyber Security Risk Consultant, supporting the next phase of Cyberfort’s growth. You’ll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. We work across a number of sectors with a diverse client base. We aim to create an environment where everyone can reach their full potential. We work together, we are passionate, creative, and we embrace difference.
In this role you’ll work within our Consulting team, supporting new and existing clients across various sectors to define and implement security risk assessment and best practice solutions that match their requirements. You’ll work in close partnership with clients to ensure the delivery of expert services by complementing their in-house Information and Cyber Security resources, combining expertise in information security, solution architecture and business advice.

As a Security Consultant, you will be involved in a variety of work which may include responsibility for leading, advising and implementing risk management frameworks, Information Security Management Systems, Enterprise Security Risk Management (2nd line assurance), 1st line identification of risks relating to Security Architecture, maintaining an awareness of published vulnerabilities and best practices across various platforms, especially cloud infrastructures, leading and delivering security assurance coordinator activities, providing Security & Information Risk Advice. Working across the business and multiple technology platforms, you will play a key role in ensuring our clients make the best use of their existing technology and make proportionate, risk-informed decisions, ensuring protection of client assets and transformation of their security architecture.

This role forms part of the wider Consultancy team and will work cross functionally with the Delivery Managers and others to support and assure project delivery through all phases of the agile workflow. As a team we’re always looking to raise the bar, learn new things and incorporate new technologies and you will too! You’ll share your knowledge with the team and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements.

Responsibilities:
General Responsibilities:

Vulnerability Scanning & Reporting
Perform regular vulnerability scans and generate reports utilising the below tool sets. The process should be focused on ensuring that the below tool sets are kept up to date and ensure that scans are performed regularly to help assist the Vulnerability and Patch Manager with identifying weaknesses in the system.
SonarQube: perform regular scans with SonarQube to audit code quality metrics, potential bugs, and security vulnerabilities.
Trivy: perform regular scans with Trivy to identify vulnerabilities within containers.
Nessus: perform regular Nessus scans and ensure that the warehouse and plugins are kept up to date to capture new vulnerabilities.
Reporting: assist the Vulnerability and Patch Manager with generating regular vulnerability management reports, which are to be provided to the P-ASG cyber security and IA lead.

Endpoint Security
Trellix: perform regular updates to Trellix to ensure the latest packages are applied and policies are amended to keep up to date with new and emerging threats.
Antivirus and Anti-malware Protection: perform compliance checks to ensure that antivirus and anti-malware protection is deployed successfully and being kept up to date by the relevant team.
Firewalls: perform compliance checks and regular audits of Firewall rules to ensure that unauthorised access and threats are being blocked.
Access Control: ensuring that access controls have been implemented correctly to only allow authorised users to gain access to certain data and systems.

Incident Management & Tickets
Incident Identification: help to recognise and confirm potential incidents through alerts, logs and user reports. This includes distinguishing between true threats and false positives.
Incident Response: respond to potential security breaches or cyber-attacks. The main effort should focus on containment, mitigating the damage, investigation of the root cause of the incident and restoring to normal operations.
Ticket Requests: respond to and resolve any tickets raised to the Leidos Security group on SD+ that require Cyber Security Engineering input.

System Hardening
Patch Updates to Security Products: ensure that the following security tool sets are kept up to date with regular security patches and software updates to fix vulnerabilities and improve system security:
Trellix
Boldon James
Nessus
SonarQube
Trivy
System Compliance: perform regular system compliance audits and updates to ensure that the systems are compliant with industry best practices. This includes CIS, STIG, NIST etc.
Security Enforcing Group Policy Objects (GPOs): perform regular reviews and updates to security enforcing GPOs to ensure that they are compliant and fit for purpose.
Vulnerability Assessments: conduct periodic assessments to identify and address potential vulnerabilities.

Change Work
Security Impact Triage Tool (SITT): if a SITT is required for new software or hardware then it is the responsibility of the Cyber Security Engineer to fill out Section 2 of the SITT tool.
Security Evaluation, Testing and Assurance (ST&V): perform Security Evaluation, Testing and Assurance activities for any new changes that are planned in as part of PI Planning.

Participation in Regular Meetings
Cyber Security Engineers are expected to lead or attend numerous meetings that require their input. This includes the following:
Security Working Group (SWG): Lead Cyber Security Engineer to attend.
Vulnerability Triage: Lead Cyber Security Engineer to manage and other Cyber Security Engineers to attend.
Security Workshop: All Cyber Security Engineers to attend.
PI Planning: Change Cyber Security Engineers to participate and attend.
Daily Standups (Blue/Green Team): Change Cyber Security Engineers to attend every day.

Documentation
Cyber Security Engineers are responsible for creating, maintaining and reviewing detailed documentation...
United Kingdom
Remote
03-03-2025