Senior Security Engineer

Xe ,
Bracknell, Berkshire

Overview

Job Description

The Senior Security Engineer is a technical security role which sits within our Global IT Operations team. You'll be responsible for security incident response activities, working with IT colleagues to record and report incidents and work with incidents from inception to remediation. You will be required to review changes, handle escalated tickets and major security incidents referred by the IT Team or discovered by our security systems. In addition, you'll be responsible for maintaining and achieving security compliance with regards to internal and regulatory compliance requirements. WHAT YOU'LL DO: * Monitor, detect and analyze threats in various notification platforms, respond and resolve incidents in maximum 4 hours. Drive lessons learned and process documentation to continue to reduce MTTR by 20% in the first 12 months * Ensuring Euronet Security Standard yearly targets are met and work with the SSO to identify the required action plan * Maintain 100% compliance with the external regulations (e.g. PCI DSS, PSD2, Swift, GDPR) including working with external auditors to ensure controls are met and all security recommendations are implemented within the required time * Conduct a minimum of quarterly validation of security implementations and compliance including regulatory requirements * Maintain required security documentation including policies, procedures and guides and be the liaison with the internal and external audit teams * Assess and score security implementation and produce compliance reports (minimum quarterly basis) and provide security compliance-related recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain) * Responsible for ensuring all security systems (e.g. AV, internal scans, proxies, Network security devices etc.) and processes are robust and functional and are continuously improving evidenced by valid licenses, signatures are being updated automatically, logs, events and alerts are being sent, there are backups in place, access control is managed with 2FA and AD syncrhonication with auditing enabled and these systems cover at least 95% of assets all the time * Responsible for ensuring the operational integrity of the system with regards to user access processes to key services (cloud and on-premise) and providing expertise to IT teams when needed * Evaluate and provide security recommendations as needed for IT Architecture and System Engineering projects including software applications and component reviews (includes Third Party/Vendors/Supply Chain) * Be an integral part of all key security infrastructure, network, software and systems design teams to ensure systems are built with security principles * Work with various stakeholders in different teams to establish relationships in order to drive various security projects * Maintain and spread awareness of the security compliance landscape relevant to our environment to make users more security-cautious Requirements Essential: * Working knowledge of host and network hardening techniques * Detailed understanding of tools and techniques used by ethical hackers, including vulnerability testing tools and Penetration testing methodologies * Experience with multi-tier web applications, relational databases and firewalls * High level understanding of a wide range of security products such as; IDS/IPS, DLP, cloud security solutions, FIM, proxy servers and AV etc. * Knowledge of GDPR and PSD2 requirements, Rep018 and frameworks like ISO27001 * Basic knowledge of SABSA, TOGAF or COBIT Desirable: * Knowledge of PCI DSS and Swift * CISSP and GIAC qualifications * NIST Benefits * 85,000-100,000 depending on experience plus on-target 10% bonus * 23 days holiday (increasing with service 1 day per annum, capped at 30 days - plus birthday day-off) * Group pension plan 4% employer contribution * Euronet Employee Share Purchase Plan (ESPP) * Healthcare Insurance Scheme, Income Protection Scheme, Life Assurance Scheme * Critical Illness Cover