Senior SOC Engineer (Cloud)
Senior SOC Engineer (Cloud)
- Location(s): UK Wide
- Salary: Competitive
- Contract Type: Permanent
- Ref: R00TR00093
- Closing Date: 31 October 2021
- We're happy to consider flexible working approaches for this role
Do you have experience in working in a Security Operation Centre (SOC)? Do you relish working across multiple change initiatives and immerse yourself in a team that will stretch and test you?
Do you relish working across multiple change initiatives and immerse yourself in a team that will stretch and test you?
You will help expand our Security Operations team focus in Cloud services , which provides operations, security incident response, and production support for the security services we offer, both on-premise and on our public cloud platforms. You will provide strong technical support, enabling technical decisions to be made.
Nationwide is undergoing a digital transformation journey; our cloud adoption is presenting new challenges and opportunities for improving our overall security posture, all while maintaining and improving our existing excellent capabilities.
For us, it’s not just about having the right security background, you need to be pragmatic, be able to work collaboratively and be driven to learn and succeed.
What you’ll be doing
Working in partnership with our Enterprise Security Operations Centre and Cloud Ops team, you will:
- Identify opportunities to enhance the protective and detective capabilities of our existing security services, both on-prem and Cloud
- Task manage, track and direct a group of security engineers in delivering initiatives.
- Deploy ruleset and policy changes on security control, following a change management process.
- Write security response playbooks and working instructions
- Act as a 2nd line/ 3rd line SOC analyst support, including incident response
- Support engineering of security tooling
- Help provide security metrics and KPIs to the Security leadership team on a regular basis
- Capture and share knowledge and ensure use of good documentation within engineering teams
In addition, you will:
- Build a network including external relationships with other engineers/SMEs to understand best practice and emerging trends within engineering
- Act as an engineering advocate across Nationwide, identifying good practices to adopt and sharing experiences, e.g.: through blog posts, tech talks at technical forums, knowledge share, etc.
As a minimum you’ll:
- Have experience as a senior subject matter expert, working in a Cyber Security teams (e.g. SOC, Cyber Incident Response, Pen Testing).
- Have a foundational understanding of securing cloud technologies (AWS, Azure, GCP).
- Have a basic understanding of containerisation technology (Docker, Kubernetes, Openshift)
- Have a basic understanding of DevOps tools (GitHub, Jenkins, Nexus, Ansible, etc.)
- Have a strong knowledge of privileged access management, vulnerability management, secure remote access, secrets management and access control.
- Able to share expertise and knowledge with the junior members of the team
- Have a problem-solving mindset to propose solutions to continuously improve our service offering
- Have an understanding of threat mapping and frameworks such as NIST, STM, or MITRE.
- Have a creative mindset to propose ideas for integrating existing security controls to improve our visibility and security posture.
- Experience in making ruleset and policy changes on security controls, and keen to learn and implement this on any technology
- Experience in writing or using security incident response playbooks
- Build good working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism
- Have excellent communication and interpersonal skills.
- Have the ability and desire to quickly learn new technologies.
Experience and knowledge of the following areas would be beneficial:
- Experience of operating cyber security protective monitoring across on-premise and cloud-based technology stacks.
- Cloud Security qualification such as CCSP or CCSK.
- Practical, hands-on experience of infrastructure and end-point security technologies, in cloud and on-premise operating environments.
- Agile project management methodologies
- Scheme and regulatory environments such as PCI DSS and GDPR
- Working with 3rd parties / suppliers
- Hands-on experience with the design, deployment, configuration of cloud technologies.
- Experience in the management of small teams would be advantageous
The extras you’ll get
Our people’s success isn’t based on how long they spend at their desk. While you’ll have contracted hours, we want to offer a flexible environment where possible. That might be working from home, logging on from other offices across the UK, or working part time or compressed hours.
There are all sorts of employee benefits available at Nationwide, including:
- A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
- Up to 2 days of paid volunteering a year
- Life assurance worth 8x your salary
- A great selection of additional benefits through our salary sacrifice scheme
- Access to an annual performance related bonus
- Access to training to help you develop and progress your career
- 25 days holiday
Why work at Nationwide
We’re a building society founded by ordinary people, our members, who came together to help each other get the most from their money, buy homes and save for their futures. For over 130 years, we’ve supported each other and our communities, and we’ve done the right thing for wider society too.
If you come to work here at Nationwide, you’ll be part of that. Part of something a bit different. And something really quite special.
What’s more, we have a strong ethic of care for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We’re committed to creating a culture that recognises and truly values our individual differences and identities. So if you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute, then please apply and help us in building society, nationwide.
What to do next
If this role is for you, please click the ‘Apply Now’ button. You’ll need to attach your up to date CV and answer a few quick questions for us.
We respond to everyone, and so we will be in contact shortly after the closing date to let you know the outcome of your application.