Cyber Security Engineer
About the team
UK IT is accountable for the delivery of IT services to the UK firm, to other organisation member firms, and occasionally (through client facing teams) clients. The Information Risk & Security team is a key interface between the information protection community within the business and IT, and is responsible to the business for the delivery and operation of information security solutions, tools and services provided by UK IT, in line with agreed business and technology strategies.
The Security Product & Service Engineer function sits within the Risk & Security organisation and helps ensure that UK IT has a holistic, cross-functional and customer-focused approach to the management of the information security tools, products & services that it provides to UK IT and the business.
The Security Product & Service Engineer function is responsible for ensuring that each tool, product or service is managed as an entity in its own right, having an agreed role, description, stated customer base, and is held to good practice and standard.
A Security Product & Service Engineer is responsible for integrating the tools and technologies to provide necessary information to security analysis and incident response teams within Enterprise Information Security & Assurance. They are tasked with performing advanced configuration, tuning and reporting for the security tool set, identifying methods to leverage the tools for enhanced protection, and assisting with incident response activities when necessary.
About the role
A Security Product & Service Engineer will agree with the Enterprise Information Security & Assurance Lead which activities they will have specific responsibility for in relation to the information security services, tools and products within the Team Portfolio.
These activities may include:
- Provides information on technology developments and the firm's IT strategy to assist in the planning process
- Understands the business units' IT plans that are dependent on, or may impact, the service
- Actively ensures fullest alignment of services, tools and technologies with those employed by other aligned member firms
- Accountable for the creation and maintenance of the knowledge of the service, including purpose, capabilities, components that make up the service, applications and limitations of the service, technical requirements, dependencies, local operating / administration requirements, user training requirements, support requirements, run book, code, escrow, smoke / sanity test scripts
- Undertakes product vendor management, including service reviews, analysing and communicating the competitive positioning of products and services available in the market and providing recommendations on future sourcing options
- Maintains relationship with product / service supplier, working with business / vendors to develop new product features and functions
- Creates and maintains product and service roadmaps (in conjunction with CTO):
  - Improvement ideas / opportunities
  - Product upgrades (e.g. ensuring products remain within support / maintenance agreements)
  - Capacity planning
  - Potential new markets and applications
  - Longer term plans for the service, including envisaged life span, exit routes, potential replacement
- Ensure service recovery and availability for tools and services is realistic and kept up to date
- Participates in escalated incident and problem management activities (including war rooms)
- Manages the service across the user base
- Understands the service, how it works, interactions with other services and the business context in which the service is used
- Ensures the service meets the business needs in the most cost effective manner
- Defining and agreeing the measures of service quality and value of the products
- Maintains a good understanding of any planned changes (including those generated by Change, Release and Problem Management) to any components within the service and advises on impact
- Reviewing and Approving IT Changes (RFC) to the portfolio landscape to ensure that impacts are warranted and understood
- Works with capacity management to ensure that the service has sufficient capacity to cater for the customer base and how the service is used (e.g. anticipated growth of usage, content etc.)
- Maintains awareness of break-fix activities
- Contributes to, and maintains entries in the service catalogue (inc. service summary and cost)
Range of Impact
- To be able to work with product owners to understand and analyse the end-to-end benefits and limitations of the enterprise/strategic product(s) and to identify opportunities for improvement
- To be able to construct, agree and oversee the implementation of Service improvement plans (SIPs)
- The ability to build relationships and work collaboratively and influence IT contacts, in both the UK and other member firms, business contacts and 3rd party product providers
- Be able to take a holistic view of how IT services operate and apply this to the planning/structuring of the live services and products
- Be proactive and willing to challenge operational norms and propose solutions and alternative operating modes to complex IT issues
- Be well organised and have good oral and written communication capabilities
- Be able to collate, analyse, report and present technical and statistical information in a way that is meaningful and relevant to their audience
Essential skills and experience
- Undergraduate Degree (e.g., BA, BS) or equivalent experience
- One of the following technical qualifications is preferred:
  - Microsoft Certified Systems Engineer
  - Certified Information Systems Manager
  - Certified Secure Software Lifecycle Professional
  - Certified Information Systems Auditor and/or Certified Information Systems Security Professional
- Hold an ITIL Foundation qualification or demonstrate an understanding of ITIL principles and a willingness to undertake further ITIL training
- This person should have a thorough knowledge of Information Technology in order to support dynamic security engineering initiatives for the team
- Thorough knowledge and ability to analyse new networking solutions, identify potential security concerns, develop approaches that can be used to mitigate identified risks, and work with IT teams to implement recommendations
- Demonstrate thorough knowledge and direct experience developing tools/programs utilizing programming/scripting techniques
- Technical knowledge of firewalls, Active Directory, Windows operating systems, intrusion detection/prevention systems, proxy servers, endpoint forensics, breach indicators, and log aggregation technology to conduct analysis and how these solutions help enterprises defend themselves against cyber-attacks
- Strong knowledge of logging and/or monitoring solutions such as one or more of the following: SNORT, SourceFire, RSA Netwitness, RSA Security Analytics, RSA enVision, EnCase Enterprise, FireEye, McAfee ePO, Hadoop, Splunk; Data Loss Prevention systems such as Symantec, Websense etc.; Internet gateway solutions such as Websense, Bluecoat etc.
- Thorough knowledge and ability to quickly learn about new security technologies, the implementation requirements of those technologies, and how to integrate those technologies into a larger solution
- General understanding of the following programming languages or technologies: Hadoop, HIVE, LUA, ESPER, FreeMarker, PIG, HAWQ, SQL, .NET, PowerShell
Internal firm services
In order to deliver a first-class service to our clients, we need first-class support internally. Internal firm services is a network of specialist support professionals and includes marketing, recruitment, human capital, finance, technology, learning and development, procurement, to name but a few. Each team plays a vital role in making sure we have all the right resources, services and technology across our business.
The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships.
We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool, as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths. Creating value through diversity is what makes us strong as a business and as an organisation with an increasingly agile workforce, we're open to flexible working arrangements where appropriate.