Security Operations (SecOps) Engineer

Location

Gloucester, Gloucestershire | United Kingdom

Job description

Working hours: 35 hours per week, Monday to Friday

Duration:  Permanent

Location: Gloucester

Job ref: 202031

About the role

Ecclesiastical Insurance , who are proudly part of  Benefact Group , are looking for a Security Operations (SecOps) Engineer to join our  Gloucester  office.

As a Security Operations Engineer, you will play a critical role in safeguarding the organisation's digital assets by proactively managing and enhancing our security infrastructure. Operating in a DevOps environment, you will be a key player, responsible for seamlessly integrating security practices into the development and operational workflows. This role requires a strong blend of security expertise and a deep understanding of DevOps principles, ensuring that security is not a bottleneck but an integral part of the software development lifecycle. You will collaborate with cross-functional teams to embed security controls, automate security processes, and maintain a secure and compliant infrastructure.

Joining our rapidly expanding and innovative Group presents a fantastic opportunity to develop your career and become an integral part of an inclusive, purpose-led organisation.

Key responsibilities

• Incident Response and Management:
  • Develop and test incident response plans specific to a DevOps environment, ensuring rapid and effective response to security incidents;
  • Conduct post-incident reviews and collaborate on lessons learned to improve incident response processes;
• Security Monitoring and Analysis:
  • Implement and maintain security monitoring tools to provide real-time visibility into the security posture of infrastructure and applications;
  • Develop custom scripts or leverage automation tools to detect and respond to security events
  • Conduct regular analysis of security events to identify and respond to potential threats;
• Vulnerability Management:
  • Perform regular vulnerability assessments and collaborate with system owners to remediate identified vulnerabilities
  • Integrate automated vulnerability scanning into the CI/CD pipeline to identify and remediate vulnerabilities early in the development process;
  • Collaborate with development teams to prioritize and remediate vulnerabilities in a timely manner;
  • Stay informed about the latest security threats, vulnerabilities, and industry best practices;
• Security Automation:
  • Design, implement and maintain automated security processes, reducing manual intervention and improving overall efficiency;
  • Leverage scripting and automation tools to orchestrate security controls and responses;
  • Evaluate, recommend, and implement new security technologies to enhance the overall security posture;

• DevSecOps Integration, Collaboration and Communication:
  • Collaborate with DevOps teams to embed security throughout the development pipeline, integrating security into CI/CD processes;
  • Implement security controls as code (Infrastructure as Code - IaC) to automate and enforce security policies;
  • Work closely with cross-functional teams, including IT, development and compliance to ensure security measures align with organizational goals;
  • Communicate security risks and incidents to technical and non-technical stakeholders in a clear and concise manner;
  • Continuous Improvement:
• Collaborate with DevOps teams to provide security guidance and training, fostering a security-aware culture;
  • Proactively identify areas for security improvement and contribute to the development and implementation of security policies, standards, and procedures;
  • Participate in tabletop exercises and simulations to test incident response plans;

• Container Security:
  • Implement and manage security measures for containerized environments, ensuring the security of Docker containers and Kubernetes clusters;
  • Work closely with DevOps teams to secure container orchestration platforms and microservices architectures.

Knowledge, skills and experience

• Degree-level qualification in Computer Science, Information Technology or a related field, or equivalent experience;
• Experience with DevOps tools and practices, including CI/CD pipelines, version control systems, and infrastructure automation;
• Proficiency in scripting languages (e.g., Python, Bash) and automation tools;
• In-depth knowledge of container security principles and practices;
• Strong understanding of cloud security concepts and technologies;
• Excellent communication and collaboration skills;
• Relevant certifications such as Microsoft Azure Security Engineer Associate, AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS), or DevSecOps Engineer are highly desirable

What we offer

• A competitive salary - let's discuss it
  
  
• Flexible working
  
  
• Group Personal Pension - up to 12% employer contribution
  
  
• Generous annual bonus scheme up to 24%
• 25 days annual leave plus bank holidays, and a holiday buy and sell scheme
  
  
• An array of health and wellbeing benefits, including private healthcare, income protection and life assurance
  
  
• Up to £300 annual personal grant to a charity of your choice
  
  
• Encouraged to take at least one volunteering day per year
  
  
• Employee Assistance Programme
  
  
• Full study support to gain professional qualifications

About us

Benefact Group is a unique international financial services Group made up of over 30 businesses. We are owned by a charity and are currently the UK’s 3rd largest corporate donor, having given away £200 million since 2016. We have ambitious plans to become the UK’s number one corporate donor, with strategic objectives in place to double the Group’s size.  

We believe it’s essential to attract, empower, grow and reward talented people, offering fantastic opportunities for career and personal development. Our giving ethos, 135-year history and the diversity of what we do, has enabled us to build a culture of kindness, great ambition, and of passionate people driven to do better and be better.

At Benefact Group, we are committed to creating an inclusive culture and building an environment where each and every one of us feels valued and respected. We are a community made up of people with a range of different backgrounds, abilities, perspectives, beliefs and interests and we value the strength this brings to us as a Group. We welcome applications from everyone.

If you need any additional support during the recruitment process, then please let us know. 

Winner of the SoGlos Gloucestershire Business Awards ‘Large Business’ of the Year 2023

Job tags

Salary