Security Operations Engineer

Belfast, Northern Ireland, United Kingdom

Security Operations Engineer, AWS Environment (SecOps), Idox Cloud

Home based, with occasional travel.

About the role

This is an opportunity for a talented and experienced Security Operations Engineer with a broad understanding of security fundamentals in a cloud solution, AWS environment. We would like to hire a SecOps professional to have a strong focus on ensuring the security posture of our AWS environment. The role involves designing, implementing, and maintaining security measures in collaboration with the corporate security team to protect our infrastructure, applications, and data hosted on AWS. The ideal candidate will have expertise in AWS, with knowledge of how to secure web applications running on Kubernetes.

We would like to meet candidates who have had experience working on solutions for a variety of different, multiple customer projects – all applying appropriate best practice, quality assurance and governance, as appropriate for each project. The SecOps Engineer will take a proactive approach to security matters and risk management, leading investigations, root cause analysis and vulnerabilities under the guidance of the cloud architecture team. There may be an opportunity to develop a management profile in your specialism as we grow.

This position is remote, virtually attached to the Idox office in Belfast. Occasional travel to meet with teams for project kickoffs, reviews, and for team collaboration will be required.

Idox will provide resources, mentoring and a competitive benefits package (including flexible working), designed to reward success as you achieve your own professional development goals and at the same time, support your well-being.

Key responsibilities:

Security Architecture Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards.

Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters, Docker containers, S3 buckets, and RDS databases. Respond promptly to security incidents and conduct thorough post-incident analysis to prevent future occurrences.

Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on AWS resources, identifying and remediating vulnerabilities in a timely manner. Implement and manage automated scanning tools to ensure continuous security monitoring.

Secure Configuration Management: Establish and enforce secure configuration standards for EC2 instances, Kubernetes clusters, Docker containers, S3 buckets, and RDS databases. Automate configuration management processes using infrastructure-as-code tools (Terraform).

Security Compliance: Ensure AWS infrastructure and applications comply with relevant security regulations and standards, such as GDPR, ISO-27001, and our own information security management system. Conduct regular audits and assessments to maintain compliance and prepare necessary documentation for audits.

Security Monitoring and Logging: Implement and manage security monitoring tools to track and analyze activities within the AWS environment. Maintain centralized logging for all AWS services and develop custom alerts for security events.

Incident Response Planning and Training: Develop and maintain incident response plans for security incidents occurring within the AWS environment. Conduct regular tabletop exercises and training sessions to ensure readiness of the incident response team.

Collaboration and Knowledge Sharing: Collaborate with cross-functional teams including DevOps, developers, and system administrators to integrate security practices into the CI/CD pipeline and development process. Provide security guidance and mentorship to team members. Adherence to Idox Information Security policies and protocols.

To be successful, you should bring:

• Bachelor’s degree in Computer Science, Information Security or relevant commercial experience.

• 3+ years of experience in security operations, with a focus on AWS environments.

• Strong understanding of AWS services including EC2, EKS, Cloudfront, S3, and RDS.

• Experience securing web applications

• Solid understanding of networking concepts and protocols, including TCP/IP, DNS, and HTTP/S.

Desirable attributes (not essential)

• Professional certifications such as AWS Certified Security - Specialty, CISSP, or CISM preferred

• Experience with security tools such as AWS GuardDuty, WAF, Security Hub, Inspector, Qualys, Wiz.io

• Proficiency in scripting languages such as Python, Bash, or PowerShell

• Excellent analytical and problem-solving skills, with the ability to prioritize tasks and work independently

• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.

About Idox

Our specialist software solutions power the performance of government and industry, driving productivity and a better experience for everyone. Built around the user and designed in collaboration with experts who have worked through every detail of every process from end-to-end, our hard-working process engines deliver exceptional functionality and embed workflows that drive efficiency and best practice with a long-term focus for regulated environments.

Through the automation of tasks, the simplification of complex operations, finding scalability as operations evolve, and more effective management of information, we help our customers harness the power of Digital, so they can do more.

We employ around 650 staff in the UK and worldwide, including Europe, North America and Asia, so some travel to meet colleagues may be required.

Our Values, Our Culture

We are ambitious in working together to promote a more inclusive environment, which attracts all candidates and signals our commitment to celebrate and promote diversity. Idox is a company where we can all be ourselves and succeed on merit, where we respect all our employees, customers and communities in which we live, work and are a part of.

We recruit and reward employees based on capability and performance – regardless of race, gender, sexual orientation, gender identity or expression, lifestyle, age, educational background, national origin, religion or physical ability. Each office location worldwide, is free to respond to local needs to create a culturally sensitive workplace for everyone. In doing so, we want every employee to feel our commitment to showing respect for all and encouraging open collaboration and communication.

Our Benefits Flex to Fit

We recognise that for individuals, the opportunity to work flexibly can enable them to achieve a better work-life balance along with a greater sense of responsibility, ownership and control of their working life. During the pandemic, all our employees successfully transitioned to remote working and we are open to conversations on work patterns to suit our employees needs such as change to working times; part time working; term time working; 9-day fortnight. We are proud to be a flexible employer enabling effective hybrid working for our employees.

How to apply

Please submit a CV, and a short cover letter (maximum 500 words - including salary expectation, and current remuneration) explaining why you feel you would be suited to this role.

Please note successful applicants will need to satisfy the BPSS guidelines (Baseline Personnel Security Standards) which consist of the receipt of satisfactory references covering the last 3 years of employment; an identity check; verification of eligibility to work in the UK; and a Basic Disclosure Check. This is in order to help us make safer recruitment decisions.

Privacy notice

As part of the recruitment process, we will collect data about you in a variety of ways including the information you would normally include in a CV or a job application cover letter, or notes made by our recruiting officers during a recruitment interview.

Please read our Recruitment Data Privacy Policy here: https://www.idoxgroup.com/policies