Cambridge, UK

Senior IT Security Engineer

The Opportunity

Featurespace is looking for an experienced and dedicated Senior IT Security Engineer to join our growing IT Security team based out of our Cambridge office.

In your role as Senior IT Security Engineer, you will join the Featurespace Security Team where you will be responsible for supporting the organisation through its security enhancement programme.

You’ll be responsible for taking on security tasks, ensuring good practices are being followed from a security perspective, implementation of information security tools, and contributing to policy and process enhancement. You’ll work closely with the IT team and other business stakeholders to maintain a robust security posture.

Day to Day

  • Iterate network security posture to better protect against attacks and detect new vectors
  • Research/evaluate emerging security threats and ways to mitigate them
  • Test and evaluate security products as part of designing new security systems or upgrading existing systems
  • Ensure all processes and controls that fall within your area of responsibility are operating effectively and are correctly evidenced as working
  • Ensure standards and best practices are adhered to for systems
  • Monitor for attacks, intrusions and unusual, unauthorised, or illegal activity
  • Use analytic tools to determine emerging threat patterns and vulnerabilities
  • Identify potential weaknesses and implement appropriate measures
  • Investigate breaches of security and recommend appropriate technology and control improvements
  • Engage in Red Team Exercises , e.g. simulating security breaches
  • Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Act on vulnerability information and conduct security risk assessments and business impact analysis on information systems
  • Liaise with stakeholders in relation to security issues and provide recommendations
  • Mentor and evangelise security practices through cross-functional work with IT and engineering teams
  • Stay up to date with the latest security and technology trends and development
  • Contribute to development of information security policy, standards, and guidelines
  • Ensure your work is compliant with legal requirements, external standards requirements, and Featurespace IT-related policies
Apply for job

Meet Lucy, Head of Data Science Operations at Featurespace

Check out Lucy’s blog to see what life at Featurespace is really like!

Read Lucy's blog

About you

Must haves:

  • Ability to review system changes for security implications and recommend improvements
  • Experience implementing security in AWS or other cloud service providers
  • Expertise in analysing and identifying security weaknesses across a heterogeneous IT environment
  • Ability to demonstrate initiative by suggesting modifications to existing tools or technologies or developing new tools that improve security for the business
  • Experience of analytic systems based on tools such as Elastic stack, Splunk or LogRythm
  • Experience scoping, implementing, and managing some or all the following:
    • SIEM – Security information and event management
    • IAM – Identity and access management
    • APT – Advanced Persistent threat detection
    • VA – Vulnerability Analysis and mitigation
    • DLP – Data loss prevention
  • Experience in one of the following areas: Securing networks, systems and/or application architectures
  • Experience and understanding across some of the following technology areas, SaaS, IaaS, networks, firewalls, storage, virtualization
  • Understand the concepts and application of Windows and Linux ACL, OS level security protection and common protocols e.g. TCP, HTTPS, IPMI, DHCP etc.
  • Current knowledge of technology capabilities and trends; types, and techniques of common hacking attacks in the wild
  • Proficient in Python, bash, PowerShell

 

Great to haves:

  • Experience with automation tools such as Ansible, Chef, Salt or Puppet
  • Knowledge of Windows and Linux systems administration
  • Knowledge of OWASP (Open Web Application Security Project) Top Ten Risk Factors
  • Good awareness of ITIL standards and best practice within an operational environment
  • Experience working in an ISO27001/2, PCI-DSS, or SOC 2 environment
  • A relevant technical/professional security certification, such as COMP-TIA Network+, Security+, SANS GIAC, CISSP, for example

Personal Qualities

The work is often challenging and fast paced. We are looking for someone who has the following qualities:

  • Enjoys working in a team of like-minded and intelligent people
  • A focus on personal achievement and responsibilities
  • A desire to work for one of the fastest growing fraud prevention technologies in the world
  • Enthusiasm

 

And most importantly, a small-company attitude: willingness to adapt to a variable role and a great can-do attitude.

How to apply

If you think you’re a good fit for the role above, we would love to hear from you.

Fill out the short application form, upload your CV and one of the team will get back to you.

Please note: we are only able to accept applications from people who are already eligible to work in the UK.

If you have any questions or queries regarding this role, or life at Featurespace, please contact [email protected]

Featurespace Job Application Privacy Notice

Featurespace Ltd., is committed to comply with the General Data Protection Legislation and any implementing legislation (the “Data Protection Legislation”) and will process your Personal Data in accordance with the Data Protection Legislation and information security legislation. Any capitalised terms used in this Privacy Notice shall be given the same definition as in the Data Protection Legislation.

This Privacy Notice sets out the basis on which Featurespace Ltd will process Personal Data relating to job applicants.

The Data Controller is Featurespace Ltd., 3rd Floor, Broers Building, Hauser Forum, 21 JJ Thomson Avenue, Cambridge CB3 0FA

Data refers to both Personal Data and Special Categories of Data. Your job application and the Personal Data held within it will be processed to assess your viability for the stated role. We may also process any information that you provide about your health, for the sole purpose of assessing whether any adjustments may need to be made to the recruitment process to accommodate you . If your application is unsuccessful, Featurespace will retain your Data for 24 months after the end of the recruitment process. Your Personal Data is processed in accordance with our legitimate interests of making sound recruitment decisions. You are under no obligation to provide us with your Personal Data. However without this, we cannot assess your job application. We will only process information about your health for the purpose of making reasonable adjustments to the recruitment process (if applicable), in accordance with our legal obligations. You have the following rights in relation to the processing of your Data: The right to be informed about how your Data is processed. You have the right to object to the processing of your Data based on our legitimate interests as outlined above. The right of access, to your Data and supplementary information relating to our use of your Data. In certain circumstances, we reserve the right to charge you for exercising this right. The right to rectification, if your Data is inaccurate or incomplete. In certain circumstances, the right to erasure, request the deletion of, or removal of, your Data. In certain circumstances, the right to restrict processing, block any further processing of your Data. We shall respond to any request made by you without delay and in any case within a month of your request. The right to complain to the Information Commissioner’s Office if you believe that your data protection/privacy rights have been breached. Your application will be submitted and stored on an application database (Greenhouse). Access to your Data on Greenhouse is limited to the relevant persons for your application- our internal recruiters, the hiring manager and interviewer(s). Your CV may be printed and shown to consulted decision makers, any physical copies will be securely and confidentially destroyed after a decision has been made on your application. Your CV is transferred to a third country, outside of the EEA, when it is processed by Greenhouse. Greenhouse meet the technical and organisational data security measures outlined in the GDPR Article 32, and are SOC2 Type II certified. We do not envisage that any decision will be taken about your application using automated means.