Oxford Nanopore has developed a new generation of nanopore-based sensing technology for faster, information-rich, accessible and affordable molecular analysis. The technology is used to understand and characterise the biology of humans, animals, plants, bacteria, viruses and diseases such as cancer. By enabling biological insights, we strive to improve life on Earth and beyond.
We are looking for an experienced individual to join our Information Security team as an Information Security Engineer in a fast-paced organisation.
The Details...
The InfoSec Engineer in responsible for enhancing the cybersecurity defences of ONT’s information systems.
This role will lead the design, testing, identification and communication of security weaknesses to stakeholders across ONT and improve security controls and practices.
The role looks to fully exploit the security tools available and enhance ONT’s technical assurance activities, working alongside Global IT teams to implement proactive security configurations including Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), User Entity and behaviour Analytics (UEBA), Secure Web Gateway (SWG), Data Loss Prevention (DLP), email filtering, and vulnerability scanning tools.
The InfoSec Engineer has the opportunity to uncover security flaws and control weaknesses across Oxford Nanopore's IT and application estate, while performing security operations functions to bolster the Managed Security Operations Centre (MSOC) in order to protect Oxford Nanopore and its information, and respond in a timely manner to cyber threats.
Key Responsibilities:
- Develop the blue team and threat hunting capability to enhance the technical controls on Oxford Nanopore's IT estate.
- Design, deploy and harden system configuration across enterprise IT devices.
- Perform day-to-day BAU security operation activities including monitoring and responding to security alerts within the SIEM platform.
- Drive efficiency improvements by tuning detection rules within the SIEM.
- Work with the MSOC and as part of the Incident Response Team to triage incidents, identifying false positives.
- Work with third parties to securely configure the platforms contributing to Oxford Nanopore’s security stack: EDR, SIEM/SOAR, SWG, DLP and vulnerability management.
- Advise on security architecture improvements, vendor selection, enhancing existing services and identifying new solutions.
- Produce high-quality technical documentation.
You might be a good fit if you have:
- An interest in uncovering security flaws.
- Experience working within a complex hybrid environment.
- Previous experience with incident response and can bring suggestions on good practices that suit Oxford Nanopore.
- An enthusiasm for self-learning and continually expanding one’s knowledge and skills.
- The ability to work as part of a wider team and be confident in making decisions.
- High attention to detail with excellent organisational and planning skills.
Preferred Skills and Experience:
- Relevant undergraduate degree or relevant experience.
- Previous experience in a similar role such as cybersecurity engineer, SOC analyst, or security specialist.
- Understanding of MITRE attack framework.
- Cybersecurity certification such as OSCP, OSDA, CRTO, GPEN, CDSA, or similar.
- Experience with vulnerability scanning tools like InsightVM or Nexpose.
- Experience with cloud security tools and cloud environments such as AWS.
- Experience with CSPM (Cloud Security Posture Management) tools.
- Experience with TI (Threat Intelligence) tools.
- Experience working within an ISO 27001 compliant environment.
- Familiarity with software engineering or application security.
Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the job.
#LI-JR1
#LI-hybrid