IT Security Engineer - prem AD, EntraID, M365, IDAM solutions, SentinelOne, CrowdStrike, Defender

IT Security Engineer - prem AD, EntraID, M365, IDAM solutions, SentinelOne, CrowdStrike, Defender, Routing/Switching, WAN, Wi-Fi, Cisco

Our leading global law firm client are recruiting for an IT Security Engineer (prem AD, EntraID, M365, IDAM solutions, SentinelOne, CrowdStrike, Defender, Routing/Switching, WAN, Wi-Fi, Cisco) on a 12 month fixed term contract basis to support the Information Security team to ensure continuous security improvement.

The Security Engineer will report to Information Security Operations Manager and work with the Information Security Operations team for implementing and maintaining our security controls and tools. Work collaboratively with other departments to improve our security posture.

They will be specifically responsible for completing the implementation of a number of strategic based security solutions for new security tooling or existing.

The engineer will also participate in security related service management processes (incident, change and problem management) and will participate in the planning, design, enforcement and review of security controls which protect the integrity of the firm.

Essential Duties and Responsibilities for this IT Security Engineer (prem AD, EntraID, M365, IDAM solutions, SentinelOne, CrowdStrike, Defender, Routing/Switching, WAN, Wi-Fi, Cisco) are:

• Support the Information Security team to ensure continuous security improvement.
• Support and deliver secure design and implementation for the firms IT security maturity programme projects.
• Support the integration of new IT Security technologies. Introduce and integrate tools to enhance internal capabilities for routine security testing activities.
• Develop and deploy tools and automation to streamline common IT Security Operations tasks.
• Identify areas of cyber security improvement to ensure cyber security and data security by design controls.
• Collaborate closely with IT and Development teams to embed security-by-design principles into development processes.
• Conduct reviews of existing tools and processes, identifying gaps and implementing enhancements to strengthen our security posture.
• Perform security scanning and vulnerability management, taking proactive measures to reduce operational risks.
• Monitor security alerts and implement mitigations to safeguard against potential threats and attacks.
• Support Data Loss Prevention (DLP) solutions that protect corporate data across platforms, devices, and environments globally.
• Monitoring and managing responses to the Security Incidents and Security DLP.
• Standard, third party and privilege Identity Access Management
• Operate, manage and improve HSM key management infrastructure.
• Remediation of external, internal vulnerabilities, web application scanning and patch compliance.
• Cyber Incident Management and or Security Forensic experience.
• Documenting High Low and Detailed Level designs for review and presentation.
• Representing IT security at the Change Authority Board, Architecture Review Board
• Attend IT and Security operational meetings.

Required Experience

Between 5 - 10 years Cyber Security Engineer experience. Hands-on technical support experience in IT and Network Security Engineering and/or Systems Engineering roles.

• Substantial experience in Security Technology Management and Incident Response, including proficiency in SOC, Malware, Ransomware, Threat Analytics, Server and Endpoint security.
• Must be proficient in writing up documentation. Clear and concise presenting skills.
• Strong communication and interpersonal skills with to effectively collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders.
• Excellent problem-solving and analytical skills to identify and address security vulnerabilities.
• Ability to work under pressure and respond quickly to security incidents or emerging threats.
• Proficiency with operating systems (e.g., Windows, Linux) and command-line interfaces.
• Must have proficiency in programming/scripting languages such as PowerShell (preferred), Python, Perl, etc.
• Strong understanding of network, cloud computing and application of security controls across such architectures.
• Experience with network security, incident management, and penetration testing.
• Strong up-to-date knowledge of Cyber Security.

Required Skills

• Experience with EDR and Anti-Virus/Malware management such as SentinelOne, CrowdStrike and Defender.
• Demonstrated ability working with IT System Administration of Azure, Defender (ATP), M365 and Windows.
• Experience with Identity Access and Management (IDAM) solutions. CyberArk and ENTRA ID
• Familiarity with conditional/remote access toolsets. ENTRA, DUO SSO & MFA gateway.
• Good knowledge in Network (Routing and Switching, WAN, Wi-Fi) and Network Access Control (NAC) management. Cisco & Palo Alto.
• Good knowledge of next-gen application Firewalls, anti-malware, cloud proxies and CASB. Forcepoint, Palo Alto Firewall, and Cisco NAC experience
• Good knowledge of MS Defender for Cloud, Storage (SQL) and CSPM.
• Proficient with Data loss prevention tools experience, such as MS Purview Compliance Manager and Tessian
• Security monitoring, SIEM tooling such as Exabeam, QRadar, Splunk and Sentinel.
• Experience with Azure (security centre) and M365 cloud infrastructure and configuration and on-premises Active Directory
• Experience in Cloud email security gateway services, Microsoft Exchange Online, Mimecast and DMARC.
• Experience developing policies, procedures related to cryptography, key-vault certificate management and HSM. Azure and Thales.
• Familiarity with Hyper-V, VMware and Citrix.
• Practical understanding of SCCM or enterprise patch management tools
• Experience with Qualys or enterprise Vulnerability Management and Compliance toolsets.