Information Security Engineer

Location

Manchester, UK Office

Role type

Full Time

Department

Engineering

Salary

Competitive, dependent on experience

About the role

As we continue to grow and scale, we’re looking for an experienced Information Security Engineer to ensure our customer data is protected from all threats and vulnerabilities. Joining our Security Team, the role focuses on the monitoring and protection of customer data within AWS (Amazon Web Services).

In this key role, you will be responsible for overseeing compliance and security audits, working with internal engineering teams and external security vendors, and testing for vulnerabilities and attack.

A little about you...

  • Ability to juggle many tasks and projects in a fast-moving environment
  • Exposure with at least one programming language (such as, C#, Java, C++, Ruby, Python, etc.)
  • Hands on experience with IT security (application security, threat modelling, cryptography, penetration testing, etc.)
  • An understanding of cloud architecture, web services, distributed systems, or mobile applications
  • Experience with Security Information and Event Management (SIEM) monitoring tools and their use (Splunk, Alien Vault)
  • Demonstrated ability to write business and technical reports and to present to senior level staff or clients
  • Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
  • Demonstrated ability to write business and technical reports/communications and to present to senior level staff or clients
  • Strong knowledge of server operating systems (e.g. Windows, Linux) and relevant security risks, controls and vulnerabilities
  • Knowledge of relevant domestic and international security standards and best practices such as PCI-DSS, ISO 27001/2, SOX, SOC2/SSAE16, NIST, GDPR and HIPAA
  • Familiarity with vulnerability management concepts, such as CVE and CVSS
  • Familiarity with cloud computing environments and applications in a security context strongly preferred
  • Ability to quickly change priorities and handle simultaneous tasks
  • Significant experience in an information security field

Your responsibilities

  • Participate in internal and external assessments of Interact’s security posture (Vulnerability Assessments, Vulnerability Management, Penetration Testing, Web Application Security, Customer Audits)
  • Monitor for, triage and track remediation of vulnerabilities in Interact’s production systems and networks
  • Conduct routine log review of information security events, investigating and responding as necessary
  • Maintain and enhance monitoring capabilities to ensure the integrity of Interact’s systems and networks
  • Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and associated metrics
  • Actively participate in the risk review management program, including pre-deployment risk and compliance assessments
  • Manage the relationship with third-party vendors providing services to support application security assessments
  • Coordinating testing with third party vendors and our internal teams at Interact
  • Administer and maintain security products (vulnerability management, web application firewall, AV, SIEM, DLP)
  • Respond to litigation hold and eDiscovery requests
  • Participate in on-call rotation for incident response alerts
  • Conduct regular technical risk assessments of systems and infrastructure
  • Reviewing and ensuring continued compliance with our Infosec Management standards (ISO 27001, HiTrust)
  • Identify and manage the risks related to software development across Interact
  • Responsible for educating the engineering workforce on information security through training and building awareness
  • Evaluate software security products and technologies, as required
  • Help plan and carry out Interact’s information security strategy. Developing a set of security standards and best practices for the organization and recommend security enhancements to management, as needed
  • Interface with our customer’s technical teams

Why you’ll love working for Interact...

  • Competitive salary
  • Pension
  • Healthcare
  • Cycle to Work scheme
  • Life insurance
  • Season ticket/car parking loans
  • Buy & sell holiday
  • Flexible working
  • Reward and recognition scheme
  • Eye care vouchers
  • Long service awards
  • Social events
  • Free Friday lunch
  • Fresh fruit
  • Friday "happy hours"
  • Employee discount scheme
  • Employee Assistance Helpline

Development

Interact Academy

The Interact Academy is our in-house training programme designed to kick-start your training and development from your first day at Interact. You will meet with our CEO and senior managers to hear about our mission and values. You will also find out more about each department to learn how each one fits together and how your role works within them. Alongside this, you will complete your Interact Academy product and role-specific training to give you the tools to be successful in your role.

Product training

The Interact Academy will take you on a journey through our product, enabling you to gain an in-depth understanding of all of its features, users and benefits. You will follow a modular programme increasing in complexity to ensure in-depth understanding to assist you in being successful in your roles.

Role-specific training

As an Interact employee you will also receive in-depth role-specific training to ensure that you are fully knowledgeable about your role and how to make it a success.

Apply for this role






Upto 4MB, doc, docx, pdf, jpg only



Interact uses your information to contact you about our products and services. You can unsubscribe from our communications at any time. Privacy Policy

Free intranet guide

Plan & deploy a successful intranet with our most popular guide

cover image. Download Now