Cybersecurity Engineer

Job Description

This is an opportunity to join Ascot Group - one of the world's preeminent specialty risk underwriting organizations.

Designed as a modern-era company operating through an ecosystem of interconnected global operating platforms, we're bound by a common mission and purpose: One Ascot. Our greatest strength is a talented team who flourish in a collaborative, inclusive, and entrepreneurial culture, steeped in underwriting excellence, integrity, and a passion to find a better way, The Ascot Way .

The Ascot Way guides our people and our organization. Our underwriting platforms collaborate to find creative ways to deploy our capital in a true cross-product and cross-platform approach. These platforms work as one, deploying our capital creatively through our unique Fusion Model: Client Centric, Risk Centric, Technology Centric.

Built to be resilient, Ascot maximizes client financial security while delivering bespoke products and world class service - both pre- and post-claims. Ascot exists to solve for our clients' brightest tomorrow, through agility, collaboration, resilience, and discipline.

About the role:

This position is part of the Cybersecurity Engineering team, requiring hands-on experience with security tools and frameworks, and a strong understanding of server, network, and system security.

The Cybersecurity Engineer provides technical expertise on both large and small-scale projects to improve and enhance Ascot's cyber security posture, including the global infrastructure environment. The engineer makes operational changes working collaboratively with both IT and other security teams to improve security posture, while ensuring zero operational impact.

The Engineer is involved in product selection and collaborates with the Security Architecture function on selecting new security tools. The Engineer also tests, implements and supports these tools, leveraging knowledge and experience of the enterprise environment.

The successful candidate will play a key role in ensuring that security tools are fully documented, managed consistently and to high standards of operational excellence. The Cybersecurity Engineer also assists in troubleshooting and root cause analysis of complex security incidents.

Responsibilities:

• Maintain and improve the security posture of the global environment through BAU and project changes as part of the formal change management process.

• Provide technical expertise as a Cybersecurity Engineer, participate in the formulation of security engineering best practices, assess security configurations, and document security processes and procedures.

• Work closely with Cyber Defence analysts to identify and address cyber-security issues across environments. Formulate systems and methodologies, respond to security-related events, and assist in remediation efforts.

• Support the full security project delivery life cycle as the Security Engineering subject matter expert and lead engineer, including identifying and implementing security requirements.

• Plan, implement, manage, document, monitor, and upgrade security measures for the protection of information systems and networks.

• Interact with vendors, researchers, and other third parties to escalate security issues, perform vendor selection, and implement Proof of Concepts.

• Be actively involved in all stages of planning initiatives.

• Automate common tasks and processes.

• Implement and contribute to best practice security and set standards.

• Design workflows and document processes.

• Demonstrate the ability to troubleshoot and resolve complex issues.

Requirements:

• Bachelor's degree in Cybersecurity or equivalent.

• Minimum 7 years of experience in a cybersecurity engineering role.

• Preference will be given to candidates who also have additional technical, security vendor or cyber-risk certifications such as CISSP, CompTIA Security+, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, OSCP.

• Proven experience with security technologies such as Firewalls, SIEM platforms, Endpoint Detection & Response, DLP, WAF and Privilege Access Management.

• Familiarity with secure architecture principles, zero trust and cloud security principles and settings.

• Good understanding of Security frameworks NIST CSF, ISO 27001, CIS controls, MITRE ATT&CK.

• Good skills with manipulating large data sets and generating meaningful actionable deductions from reporting outputs.

• Possesses a growth mindset and is able to learn quickly to resolve technical security issues.

• Demonstrates an ability to review security technical assessment reports and recommend and implement remediation plans.

• Demonstrates ability to manage project lifecycles including defining technical milestones and project reporting disciplines.

• Demonstrates a detail-oriented approach and can take a structured approach to procedures and working instructions.

• Works and maintains a calm structured mindset even when under pressure.

• Possesses an aptitude for understanding and analysing data when troubleshooting.

• Possesses strong written communication, critical thinking, and analysis skills, including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience.

• Possesses a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, AI Security risks, Cyber Kill Chain, and attack stages.

• Possesses an analytical mindset, capable of digesting a wide range of information and makes practical judgements based on available data and context.

• Solid experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, malware analysis and DLP controls.

• Experience of Windows OS from Server 2012 to Server 2022 and Windows 10 to 11 as well as Hyper V and/or VMware solutions.

• Knowledge of typical enterprise technologies: On-premise and cloud base Windows and Linux operating systems (OS), Microsoft Azure, Managed Active Directory / Group Policy, InTune , M365, and Microsoft security technologies as well as the ability to make changes to improve security posture on these systems.

• Demonstrated ability to troubleshoot AD, perform policy rollouts and reporting.

• Demonstrates a working and genuine interest and talent in Cyber Security.

• Possesses a curious and creative growth mindset.

• A hybrid work schedule of two days in the office will be required.