Information Security Engineer

Background

The world around us is experiencing significant change, the greatest in generations.

At McLaren Applied, we’re accelerating the response to that change. Our vision is that our people and technologies will pioneer a better future. Our mission is to achieve breakthroughs in performance.

We’re at the cutting edge of innovation in industries including automotive transportation and motorsport. We create solutions that drive efficiency and cost-effectiveness.

We want to help reduce the carbon footprint and become more sustainable. Our focus is on electrification and telemetry, control and analytics.

To deliver efficient lightweight electric powertrain and vehicle development; motorsport solutions that make series more sustainable and efficient; reliable connectivity solutions for transportation and insightful analytics and monitoring of transport fleets.

By applying our expertise, we deliver real benefits and pioneer a better future.

Purpose of the Role

To develop and operationally run security solutions with the overarching goal of securing our people, assets, and products through the effective implementation of collaborative and enduring security processes and technology.

Scope of Role

1. Deliver modern security controls and risk reduction initiatives that implement both tactical and strategic capabilities across our on-premise and cloud-hosted solutions, including:
2. Secure configuration of endpoints, OS, applications, containers and PaaS services, aligning to best practice for certifications (i.e., ISO27001)
3. Data classification and data loss prevention
4. Log collection and SIEM/SOAR monitoring and automated response
5. Security testing, including automated testing and assessing formal penetration tests
6. Contribute to the development of our security architecture and associated roadmap
7. Act as point of contact for Managed Detection and Response (MDR) services
8. Partner with our product teams to develop and embed our security solutions in a standardised way, enabling the overall adoption of our security architecture. Act as security consultant across a range of delivery work to establish security as a business enabler

Principal Accountabilities

1. Identification and delivery of new compliance controls and procedures required for certification and re-certification
2. Information and cyber security management of corporate and product assets
3. Security solution assurance against company standards and industry best practice
4. Security operations, including direct management (incident detection and response) and outsourced security management, within organisational SLAs
5. Operating and maintaining the company risk register
6. Produce routine security reporting to assist with investment decision making and value being derived from continuous improvement work

Knowledge, Skills, Qualifications and Experience

1. Strong experience in securing hybrid cloud platforms and workloads, covering Azure, Hyper-V and AWS
2. Experience with M365 and Entra ID
3. Strong experience with software (DevSecOps) and hardware engineering lifecycles and associated tooling
4. Experience in the operational running of SIEM/SOAR technologies, ideally including Azure Sentinel/Purview
5. Information security frameworks, with experience of maintaining certification programmes (ISO27001) and aligned with standards in the automotive and rail industry
6. Any of the following certifications would be an advantage:
1. EC-Council Certified Ethical Hacker, Certified Penetration Testing Professional, Certified Cloud Security Engineer
2. ISC2 Systems Security Certified Practitioner, Certified Cloud Security Professional, Certified Secure Software Lifecycle Professional
3. Any Microsoft SC-coded certification
4. AWS Security Specialty
7. Strong communication skills and able to talk with authority about security trends, current threats and appropriate mitigation

What we can offer you:

In return for everything you bring to the table, we can ensure an exciting, challenging role in a dynamic business surrounded by some of the best people in their respective fields.

At McLaren Applied we firmly believe it’s the relationships and friendships we create while working that make us special. We’re also aware that the world is changing and we are part of that change. We all want and need different things from our work and home lives, so, if you have commitments outside of work, we’re open to talking through flexible working options that work for you and us.

1. Annual leave (25 days + bank holidays, pro-rated for part-time colleagues).
2. Enhanced Company Maternity, Paternity and Adoption leave and pay.
3. Flexible working policies, including Hybrid Working.
4. Life assurance to the value of 4 times base salary
5. Opportunity to join the McLaren Applied Pension Plan
6. Company funded individual private healthcare with the opportunity to extend to partner or spouse and/or dependents at a discounted rate.
7. Ride-to-work with Evans Cycles – take advantage of the Government’s Cycle-to-Work scheme which offers savings of up to 42% on the cost of a new bike, cycling accessories and components.
8. Electric car scheme – opportunity to drive a brand-new car in a more affordable way through this salary sacrifice scheme. Employees are eligible to join the scheme after successful completion of their probationary period.

McLaren Applied are committed to Diversity, Equality and Inclusion (DEI) and promote DEI in all we do. McLaren Applied are also members of the UK Government Disability Confident Scheme.