Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to enhance security strategies and protect vital information systems.
- Company: Be part of a leading financial services company in Bristol, committed to innovation and security.
- Benefits: Enjoy hybrid working, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on security while working in a dynamic and supportive environment.
- Qualifications: Experience in Security Operations and knowledge of security frameworks like ISO27001 required.
- Other info: This is a permanent role with a focus on career development and skill enhancement.
The predicted salary is between 42000 - 84000 Β£ per year.
Information Technology Security Engineer Bristol β Hybrid Working / 1 or 2 days per week onsite Fantastic new permanent opportunity for an experienced Cyber Security Engineer with this large financial services company based in Bristol. As a key member of the Planning, Architecture & Security services team, the role will be at the forefront of the companyβs security strategy, ensuring the confidentiality, integrity and availability of all their information and information systems. This role will focus on security and quality control in the IT department and will include designing, building and securing scalable and robust systems. This role will help the company understand security threats and help create strategies to protect the businesses assets and interests. Main responsibilities: Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions. Plan, implement and upgrade security measures and controls. Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction. Contribute to the IT Strategy planning process with regards to Information Security, ISO27001/27002 developments. Provide advisory and consulting support to help the Company improve its security posture and adhere to security policies, expected controls and regulatory requirements. Maintain data and monitor security access. Perform vulnerability testing, risk analyses and security assessments. Define, implement and maintain corporate security policies. Anticipate security alerts, incidents and disasters and reduce their likelihood. Perform information security reviews of the core business and group business as well as third parties. Identify and document areas of IT Risk related to Information/Cyber Security. Support IT Risk Management by proposing appropriate risk mitigation and control measures. Skills Required: A proven background within Security Operations / Network Security and Security Engineering. Able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Mitre Att&ck Framework, OWASP). Experience in designing secure components (e.g. networks, systems, applications, security technologies) Knowledge of and skills in at least one scripting language such as PowerShell. Comprehensive knowledge of network design, defence-in-depth principles and network security architecture. Extensive experience and understanding of security analysis tools, defensive technologies and other security technologies (e.g. SIEM, VAS, IDS/IPS, Firewalls, IAM, PAM, NAC, Email Security, Web filtering, Patch management, Anti-malware). Experience in identifying, detecting, applying protection, responding and remediating to security incidents to within business risk appetite. Strong working knowledge of authentication technologies (e.g. two-factor, multifactor). Strong proficiency in using the Microsoft Ecosystem such as Active Directory and MS Entra ID, including GPO, DNS, DHCP. Knowledge of endpoint security solutions (e.g. HIDS, anti-malware, file integrity, DLP). AWS, Azure and other cloud platforms, including hybrid cloud (e.g. SaaS, IaaS, PaaS). System administration, supporting multiple platforms and applications. Skilled in conducting vulnerability scans and identifying vulnerabilities in systems. Effective technical and non-technical communication skills to provide security support for colleagues, at all levels, across the business. For any further queries regarding the role or to apply, please contact Danny Palmer at danny.palmer@sandersonplc.com . Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Financial Services and Insurance #J-18808-Ljbffr
Contact Detail:
Sanderson Recruiting Team
danny.palmer@sandersonplc.com
StudySmarter Expert Advice π€«
We think this is how you could land Information Technology Security Engineer
β¨Tip Number 1
Familiarise yourself with the specific security frameworks mentioned in the job description, such as ISO27001 and NIST CSF. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the company's security strategy.
β¨Tip Number 2
Showcase your hands-on experience with security analysis tools and technologies like SIEM and firewalls. Prepare examples of how you've used these tools to identify and mitigate security threats in previous roles, as this will highlight your practical skills.
β¨Tip Number 3
Brush up on your knowledge of cloud security, especially if you have experience with AWS or Azure. Be ready to discuss how you've implemented security measures in cloud environments, as this is crucial for the role.
β¨Tip Number 4
Prepare to discuss your approach to risk management and how you've previously identified and mitigated IT risks. This will show that you can contribute effectively to the company's security posture and align with their strategic goals.
We think you need these skills to ace Information Technology Security Engineer
Some tips for your application π«‘
Tailor Your CV: Make sure your CV highlights relevant experience in Cyber Security and IT Security Engineering. Focus on specific projects or roles where you've implemented security measures, conducted vulnerability assessments, or worked with security frameworks like ISO27001.
Craft a Strong Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Mention how your skills align with their needs, particularly in areas like risk management, security protocols, and your understanding of security technologies.
Showcase Relevant Skills: Clearly list your technical skills that are pertinent to the job description, such as knowledge of scripting languages, experience with security tools, and familiarity with cloud platforms. Use specific examples to demonstrate your expertise.
Highlight Continuous Learning: Mention any certifications or ongoing education related to Cyber Security, such as CISSP, CISM, or courses on security frameworks. This shows your commitment to staying updated in the field and enhances your application.
How to prepare for a job interview at Sanderson
β¨Showcase Your Technical Skills
Be prepared to discuss your experience with security frameworks like ISO27001 and NIST CSF. Highlight specific projects where you designed secure systems or implemented security measures, as this will demonstrate your hands-on expertise.
β¨Understand the Company's Security Strategy
Research the company's current security posture and any recent incidents they may have faced. This knowledge will allow you to tailor your responses and show that you're genuinely interested in contributing to their security strategy.
β¨Prepare for Scenario-Based Questions
Expect questions that ask how you would handle specific security incidents or vulnerabilities. Practise articulating your thought process and the steps you would take to mitigate risks, as this will showcase your problem-solving abilities.
β¨Communicate Effectively
Since the role requires collaboration across various levels of the business, practice explaining complex security concepts in simple terms. This will demonstrate your ability to communicate effectively with both technical and non-technical colleagues.
