This is an exciting opportunity for a Cyber Engineer to join our IT Team. We are looking for a new security guru to join our rapidly expanding cybersecurity team, ensuring the security of Google Workspace, Google Compute Platforms and ; You will also be required to generate compliance data, analyse incident response, provide technical SIEM expertise and create scripts and programs to support the technical infosec ; You will also have the skills to design and operate technical security enforcing controls.

This is a Hybrid / Home Based role with UK travel including ; In return we will offer a competitive salary of up to £75,000, 5 weeks holiday plus bank holidays, entry into our contributory pension scheme, various employee discount schemes, Perks at Work and free on-site parking.

The successful candidate will be required to provide original documentation for detailed screening and vetting ; These documents may include your passport, driver's license, utility bill (dated in the last 3 months), HMRC letter, an original bank statement, an original payslip, your birth certificate, a valid share code.

This role is working for a leading security and facility services company that provides proactive security services and cutting-edge smart technology to deliver tailored, integrated security solutions that allow clients to focus on their core business. Our acquisition in 2021 expands our footprint and infrastructure on a global and local level. Through our vast network of more than 800,000 employees, we leverage global best practices in communities all over the world. Operating in more than 80 countries with revenues of $18 billion, we are supported by efficient processes and systems that can only come with scale to help deliver our promise locally: keeping people safe so our communities can thrive. We believe there is no greater purpose than serving and safeguarding customers, communities, and people in today's world.
The main responsibilities for the role of Cyber Engineer are:

Ensure the security of Google Workspace
- Own the technical security of Google Workspace
- Configure accounts to comply with policy, including making bulk changes
- Design and own administrative roles and assign administrative rights
- Configure Google Workspace logging, including to BigQuery
- Report on Google Workspace security configuration
- Investigate incidents and alerts generated from Google Workspace, e.g. using Security Command Center
- Create security projects to enhance Google Workspace
- Undertake Vault email searches
- Configure email compliance rules
- Configure identity management, e.g. SAML, OpenID Connect, OAuth
- Must be familiar with tools such as: GAM, Security Investigation Tool, Vault
- Must be an expert in Google Workspace security best practices and architecture

Ensure the security of Google Compute Platform
- Own the technical security of GCP
- Undertake vulnerability assessments using Tenable and other tools such as Burp, Metasploit, Nikto, etc.
- Undertake ad hoc scripting to generate compliance data relating to the environment
- Respond to security alerts
- Investigate alerts and other incidents via the Security Command Center and other tools
- Configure security logging to BigQuery via Pub/Sub
- Configure BeyondCorp and IAP settings
- Configure Cloud Armor
- Configure GCP IAM
- Create security projects to enhance Google Workspace, explore open source and other tools to build proof of concept and deploy
- Must be an expert in GCP security best practices and architecture
- Must be an expert in Google BeyondCorp architecture

Ensure the security of AWS
- Own the technical security of AWS
- Configure log analytics and CloudWatch
- Configure Security Manager and other tools

Generate compliance data
- Using tools such as SQL, GCSQL and BigQuery, generate compliance reports and raise tickets for remediation

Provide the technical aspects of incident response
- Own the technical aspects of incident response
- Analyse logs
- Create alerts for tools based on indicators of compromise
- Respond to events

Provide technical SIEM expertise
- Own the technical design for the internal SIEM
- Be an expert in best practice design for SIEM and operational management
- Configure Elasticsearch, including via the API, and configure Kibana

Create necessary scripts and programs to support the technical infosec function
- Likely to include Linux shell scripting, PowerShell
- Likely to require coding against tool APIs using Python or similar
- Integrate alerts with Google Chat and other tools

Design and operate technical security enforcing controls
- Anti-virus, DNS filtering, vulnerability management, third party threat databases
- Create automation scripts

The Ideal Candidate for the Cyber Engineer role will be an expert in:
- Linux
- Windows
- GCP security
- AWS security
- Network security defences (e.g. firewall, DNS, IDS)
- Log investigation
- Incident response and resolving incident issues ("Blue Team")
- Security testing tools and techniques (not full penetration testing) ("Red Team")
- Building from open source
- Creatively introducing new security controls and tools, particularly adapting scripts from GitHub
- Review of AV, EDR, security tool output
- Common security tools such as Metasploit, Nikto, Shodan, Nessus, OpenVAS

In addition, it would be desirable for the Cyber Engineer to be competent in Google Workspace, Scripting and SIEM.

Benefits: Competitive salary, 5 weeks annual leave plus bank holidays, contributory pension scheme.

Please note, this role does not qualify for a visa under the current Government guidelines; therefore, to be considered for this role you must already have the right to work in the UK. Re-location costs will not be granted.

Candidate Source Ltd is an advertising agency.
Once you have submitted your application it will be passed to the third party Recruiter who is responsible for processing your application. This will include holding and sharing your personal data; our legal basis for this is legitimate interest subject to your declared interest in a job. Our privacy policy can be found on our website and we can be contacted to confirm who your application has been forwarded to.