Cyber Security Engineer in England

Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company's portfolio includes many of the world's most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.

Location: London, GB

Condé Nast thrives on collaboration, and our teams come together in the office four days a week (Monday - Thursday). We value diversity of background, views and cultures. We celebrate people for their personal qualities, skills and contributions, recognising the power our brands have to influence and shape culture.

The Role

Condé Nast is looking for a Security Engineer to join our global Cyber Security team. The role sits within the Security Engineering team, reporting to the Senior Security Architecture Manager. The Cyber Security Team underpins Conde Nast's security posture, delivering information security and cyber risk management, security operations and the global SOC, security architecture, application security, and security engineering. This role supports the team with the day to day administration, maintenance and tuning of our security tools as part of regular BAU activities. The successful candidate must have worked with a diverse range of security tools in the past within medium to large organisations. The Security Engineering team is tasked with the deployment and lifecycle management of security technologies across our global infrastructure. A primary focus of this role is ensuring the health, performance, and optimization of our defensive stack. The ideal candidate brings a proven track record in managing SIEM, XDR/EDR, and Vulnerability Management ecosystems as well as other detection and response tooling, required by Security Operations.

• Develop, enhance, and maintain Conde Nast's security tooling in close collaboration with the Security Architecture team.
• Administer, maintain and continuously improve core security platforms, including SIEM (InsightIDR/Splunk), Endpoint Detection and Response, and Vulnerability Management solutions.
• Develop and refine SOC use cases to deliver high-quality, actionable alerts and improve threat detection and response.
• Define, create and tune detection rules, automating response actions within tooling.
• Troubleshoot technical issues when they arise, working with vendor support teams.
• Implement new technical security controls and tooling across regions to address identified security gaps, working closely with technology stakeholders.
• Support the design and implementation of new security solutions, contributing to low-level design and ensuring alignment with approved security solution architectures.
• Work with regional teams to ensure compliance with centrally defined security policies, partnering with architecture to remediate gaps where required.
• Carry out security testing of tooling to ensure our tools are providing effective detection and response capabilities.
• Support the SOC team, when requested, with incident response investigations.
• Support the engineering team with the management of PAM tooling when required.

Who you are:

• 5+ years' experience in cyber security, ideally working within a senior role.
• Strong background in security engineering and enterprise security tooling.
• Expertise in at least three areas: Security Engineering, Network Security, Identity Access Management, Privileged Access Management, Security Testing.
• Experience with SIEM and log management platforms (e.g. InsightIDR, Splunk).
• Experience administering Vulnerability Management platforms (e.g. Rapid7).
• Experience with Detection & Response technologies (NDR, EDR, XDR).
• Strong knowledge of Windows, Linux, networking, Active Directory, and AWS.
• Understanding of NIST and PCI-DSS frameworks.
• Experience implementing, configuring, and tuning security tools.
• Proficiency with Python / PowerShell for task automation and Terraform for codifying and auditing cloud security controls.
• Excellent written and verbal communication skills.

Desirable

• Experience with CyberArk Privilege Cloud and enterprise IAM platforms (Okta, Ping).
• Experience with Secure Cloud Analytics / Cloud NDR.
• Security certifications (CISSP, Security+, AWS Security, AWS Solutions Architect).
• Networking certifications (CCNA, CCNP, Network+).

Please upload your CV and cover letter/portfolio, which highlights why you'd love to take on this role and why you're a great match for what we're looking for. We value the time and effort behind every application. All submissions are reviewed by a member of our talent team - we don't use AI-assisted technology to review applications.

25 days holiday (plus...