A global Financial Services company based in Dublin is looking for an experienced Security Engineer who will be responsible for ensuring that the organisation’s security requirements and designs are efficiently managed and maintained. This role will make certain that the quality of security engineering provided is aligned with the global security standards. The candidate for this role will work closely with the rest of the Security Engineering department and will report directly to the Security Engineering Manager.
Solution Security Engineering
Provide expertise, direction and assistance to deliver the automation of security capabilities in CI/CD pipelines, including automation of secrets management and of SAST/DAST/SCA and other security assurance tooling.
Work with development and engineering to integrate security technologies, processes and procedures into the automated deployment and validation of solution releases.
Capable of debugging issues through pipelines, spotting anomalous behaviour and diagnosing root causes.
Collaborate and communicate across development and engineering teams to improve and simplify the delivery and use of security tools and services and support their use.
Engage with projects to deliver security automation expertise and project-specific security automation deliverables where required.
Security Tool Administration:
Maintain software version and patch management for security products (including regular software patch updates).
Encryption Key and Certificates management for security products.
IDS/IPS and WAF policies/rules administration and maintenance.
DLP policy/rules administration and maintenance.
Software licensing and renewal.
Automate build, configuration and updates for security tools.
Define web filtering policies for new requirements.
Review or implementation of SIEM rules (incl. false positives and remediation). Facilitate use case handovers.
Security on-boarding activities (Device / Project on-boarding/system provisioning/integration for security products).
Research emerging security technologies and applications to benefit HKEX or LME.
Production incidents handling for security products (such as troubleshooting, hardware parts replacement, software bug fixes, vendor support engagement).
Create and maintain security technical engineering standards to meet information security policies and controls, industry standards and best practices, applicable legislative and regulatory requirements.
Complete Low Level Designs and other relevant artefacts required by project lifecycle.
Support engineering colleagues to deliver secure configurations for technology implemented.
Contribute to technology roadmaps and product evaluation.
Provide consultancy and guidance to stakeholders including Architects, Engineering, Operations and Project Managers during project lifecycle.
Promote security engineering practices and educate colleagues.
They also have a secondary responsibility to support or contribute to:
Support L2 SOC Analysts as required.
On-call support for out-of-hours escalation.
Weekly review of all security operation related tasks with SOC L2.
Support the SOC in performing forensic investigation and malware analysis as needed.
Support and contribute to producing Security dashboards and reporting.
Highly desirable to have a University degree in Computer Science, Information Management, or related field, or equivalent experience.
Highly desirable to have professional qualifications such as CEH, CCNP, CISSP, GIAC (GSEC/GCIH/GCIA).
Minimum 5 years relevant experience in IT security, including direct experience within a Security Engineer role.
Relevant security engineering experience working for financial market infrastructure or financial services providers such as payment processors. A working knowledge of the exchange industry and technologies is of benefit.
Experience in building and maintaining security systems.
Thorough understanding of the latest security principles, techniques, and protocols.
Excellent hands-on experience of the following areas or technologies is required:
Scripting and automation tools, Python, Ruby, Go, Groovy or equivalent
Windows and UNIX/Linux operating systems
Agile ways of working, tools and techniques (e.g. Jira, Confluence, stories, sprints, backlogs)
SAST/DAST/IAST/SCA security assurance tooling
Encryption and authentication technologies (e.g. TLS, Kerberos)
Build and deployment pipeline technologies, such as Atlassian stack and Ansible or equivalent
Secrets management and privileged access management
Source code and artefact repositories
Web, network and configuration protocols and technologies (e.g., TCP/IP, HTTP, HTTPS, JSON, YAML)
Identity and access management
Firewall and intrusion detection/prevention technologies
An understanding of the following areas would be of benefit:
Application security principles
Secure coding practices, ethical hacking and threat modelling
Cloud deployment, operation and security (AWS or Azure)
Container runtime technologies and container orchestration platforms
Penetration and vulnerability testing tools and techniques
MySQL/MSSQL database platforms
Secure network architectures and technologies
Advanced Persistent Threats (APT) prevention and detection
Ability to tackle and solve complex problems.
Strong ability to research and understand new technical areas
Excellent verbal and written communication skills
Able to write clear and concise documentation
Analyse data and present findings
Must be able to communicate information security-related concepts to technical and non-technical audiences.
Self-motivated and able to work under pressure.
Guide and mentor SOC analysts.
Be respectful of confidentiality.
Work with senior stakeholders across the IT functions and Business.
Quality and delivery focused.
Excellent verbal and written communication skills
Open and approachable, with ability to work well within a team.
Ability to cope within a fast-moving, high-pressure environment, balancing multiple work streams and deliverables.