Security Operations Engineer (DevSecOps)

Job Description

About our client :

Our client is a global investment advisory firm focusing on long-term value creation through investment strategies. They work with a diverse group of institutional partners and pride themselves on their collaborative, sustainable, inclusive culture and performance.

What you will be doing :

• Manage day-to-day operations, including support tickets, tasks, and procedures, within the operational security team.
• Participate in daily information security operations, including incident investigation, security tool monitoring and investigation, and escalation management from the managed SOC and threat feed monitoring.
• Provide security posture inputs to ensure the correct application of control requirements and technologies and support and escalation for operational security issues.
• Configure and operate security tools, including endpoint detection and response tools, secure web gateway tooling, and user entity and behavioral analytics.
• Collaborate with technical teams to implement technical security standards that apply industry best practices while considering risk appetite and needs.
• Provide technical security advice for projects and changes, including designing technical controls, reviewing business process controls, and contributing to secure software development lifecycle standards.
• Research emerging threats and vulnerabilities to aid incident identification and support the creation of new architecture, policies, standards, and technologies to address them.

What our client is looking for :

Holds relevant Microsoft or SANS security certifications.

Strong hands-on experience with security technologies, including monitoring, detection, prevention, and control systems.

Skilled in secure software development lifecycles (DevSecOps) and data governance best practices.

Strong involvement in securing CI / CD pipelines using DevSecOps principles.

Proficient in Microsoft security tools (Azure, M365) and frameworks like OWASP Top 10, SANS Top 20, and MITRE ATT&CK.

Working knowledge of ISO 27001 : 2022 and its practical business application.

Well-versed in GDPR, cross-border regulations, and compliance demands in financial services.

Committed to high ethical standards, regulatory alignment, and business integrity.

Experienced in implementing and managing incident response plans.

Comfortable in structured, service-oriented security environments.

Works closely with technical teams to roll out and maintain effective security measures.

Strong problem-solving and troubleshooting skills.

Capable of both deep-dive analysis and high-level threat assessment.

Continuously tracks and adapts to evolving threat actor tactics and mitigation strategies.

Job ID :

J107015

For a more comprehensive list of opportunities that we have on offer, do visit our website - https : / / www.parvana.co.uk / careers

Requirements

DevSecOps, Security Operations, Incident Response, Azure, M365, EDR, SIEM, CI / CD, ISO 27001, OWASP, MITRE ATT&CK, Risk Management, Compliance, Financial Services

Requirements

DevSecOps, Security Operations, Incident Response, Azure, M365, EDR, SIEM, CI / CD, ISO 27001, OWASP, MITRE ATT&CK, Risk Management, Compliance, Financial Services