Security Infrastructure Engineer

Location: Corsham / Hybrid

We have an urgent need for a Security Infrastructure Engineer to support the Security team installing, configuring and updating servers and software components.

Who will validate the engineering designs are JSP 453 compliant, providing the supporting evidence and documentation.

Working with the Engineering, Design and Security teams to identify security risks, recommending mitigations and solutions.

Advise on the benefits of in-service and emergent cyber security technologies, presenting recommended courses of action (CoA) and associated cost/risk analysis.

• Ubuntu and/or Linux System administration
• LDAP Design and Management
• RADIUS / TACACS configuration
• Significant, demonstrable, experience in providing security engineering input to the installation, configuration, maintenance, administration, and support of related or similar solutions.
• Significant demonstr experience in understanding and administration of PKI Hierarchy.
• Demonstrable experience of security policy frameworks including, but not limited to, NIST CSF, ISO 27001 and MOD-specific concepts including MoD Secure by Design (SbD).
• Experience in providing security engineering input to the implementation of:
  • Virtualisation technologies such as VMware ESXi 8 and VCentre 8.
  • Network infrastructure such as CISCO IOS-XE, CISCO ASA, BGP, VRF/MPLS, VPN, QoS.
• Clear understanding of JSP 604/453 network security engineering compliance

• Relevant Cyber Security qualifications such as CompTIA Security+, GIAC Security Essentials Certification, Systems Security Certified Practitioner.

• Device automation using scripting such as Python / PHP
• Delivering against high pressure timelines and in complex organisations.
• Writing and analysing technical requirements.
• Conducting product selections against complex requirements, specifically measuring performance, cost, and time.
• Working as part of a large technical team.
• Experience of Cyber Essentials/Cyber Essentials Plus.
• Experience of Penetration Testing and IT System security.
• In-date professional registration with organisations such as APMG or CIISec
• Strong critical thinking and analytical skills to solve problems through innovative and practical solutions.
• Working within the public sector, preferably Defence Digital (formerly ISS).
• Delivering accredited secure solutions within the UK Public Sector.
• Delivering in Agile (SAFE4) and Waterfall projects
• SCOM.

Due to the nature of the work, candidates are required to hold a DV or hold current SC and be willing to undergo UK National Security Vetting procedures to achieve DV clearance