Security Operations Engineer - Lead
At OneWeb, we’re on a mission to provide affordable, high-speed Internet access for the world’s unconnected and to achieve the #1 target of the World Society of Information Systems – to create a community access point at every school in the world. We realize this isn’t easy, but we have designed a combination of satellites and ground systems that we know can achieve this, and we believe it is too important not to do. Eliminating extreme poverty, enabling relief for communities during emergencies or disasters, providing health care, clean water and education, starting a business, individual empowerment and civic transparency are all important goals and Internet access is a foundation for solving these global issues.
OneWeb is a technology and infrastructure provider. Our infrastructure enables mobile carriers, ISPs, and governments to provide Internet access to their local and remote populations. Our team’s talent spans fields from semiconductor design, telecom core network and small cell production and deployment, to hyper local rural regulatory and educational challenges. We are developing leading edge technology to solve some of the world’s largest problems – and having a lot of fun doing it!
If building the infrastructure to connect two million schools is something you would like to make happen, then joining OneWeb may be a great personal and career move. We can provide an intellectually challenging workplace and fast growing opportunity with a clear purpose. Come join the team that is making affordable communication ubiquitous on a global scale.
The lead Security Operations Engineer, reporting to the head of Global Security Operations, will maintain and manage the OneWeb SCC service architecture and application portfolio, and provide engineering support to the 24x7 SCC shift teams.
- Install, configure and update SCC security service architecture and associated applications (enabling log sources, log collectors, forwarding technologies, storage and log correlation/reporting engines etc).
- Identify improvements to existing SCC services/architecture and new SCC service opportunities.
- Work with OneWeb technical design teams (Networks/applications/server based compute etc) to ensure that SCC services are integrated into new designs and deployed architectures.
- Troubleshoot and address performance and capability shortfalls in existing SCC architectures and applications.
- Manage and maintain all existing Protective Monitoring (SIEM) log sources and identify new risk relevant log sources.
- Able to specify and design new SCC service architecture in cooperation with wider OneWeb cross-company technical teams and oversee installation and configuration.
- Support and maintain existing SCC architecture (SIEM/Anti Malware/IDS and IPS/Vulnerability Management applications etc).
- Attend and contribute to strategic security architecture meetings and discussions
- To maintain continuous focus on service improvement
Required Skills and Experience:
- IT Security/Information Security – Recognized security professional
- Strong TCP/IP and/or Network Security Knowledge
- Strong written communication (Word/PowerPoint/VISIO etc.)
- Good analytical and problem-solving capabilities with high attention to detail
- Installation and operation of common security tools (SIEM, Vulnerability Management, Anti malware, IDS/IPS etc.)
- Enterprise Firewall Management/Administration/Operational skills
- Security operations support within a global network environment using both IPv4 and IPv6
- Experience working with tools such as Nessus, Metasploit, Nmap etc.
- Technical Security role, or completion of a recognized IT Security Degree.
- Enterprise business environment technical support and administration.
- Experience of working effectively within a team-based environment.
- Experience of working in a complex multi-disciplinary organization
- Security experience in one or more of following areas:
- Windows systems (multiple versions), Unix (multiple flavours), LDAP, TACACS
Desirable, for more than one technology/vendor:
- Enterprise Security Information & Event Manager (SIEM) technology knowledge
- Enterprise Intrusion Detection Systems/Intrusion Prevention System operation
- Enterprise Firewall Management/Administration/Operation knowledge
- Telco/Financial Services/Defense sector
- Commitment to continuous improvement
- Documenting and presenting technical solutions to seniors/execs
- Has worked with global Cloud services or in Hybrid cloud environments
- Two or more of the following recognized security based certifications (similarly aligned certifications may be acceptable)
- Trusted Security Advisor Register (UK)
- HP ASE - ArcSight Administrator (Other SIEM vendor qualification equivalent)
- HP ASE - ArcSight Analyst (Other SIEM vendor qualification equivalent)
- HP ASE - ArcSight Logger (Other SIEM vendor qualification equivalent)
- ArcSight ESM 6.5 Administrator and Analyst (Other SIEM vendor qualification equivalent)
- ATP ArcSight ESM 6.5 Advanced Administrator (Other SIEM vendor qualification equivalent)
- ASE ArcSight ESM 6.5 Advanced Analyst (Other SIEM vendor qualification equivalent)
- ASE ArcSight Logger+ 6.0 Administration and Operations (Other SIEM vendor qualification equivalent)
Tools & Technologies
- Virtualization Hypervisors
- Windows Server
- Microsoft Software Stacks
- Active Directory (2012R2/2016)
- Enterprise Anti Malware
- Enterprise Vulnerability Management toolsets (Rapid7, TRIPWIRE etc)
- MDM Technologies (MobileIron, BES, Airwatch)
- Nagios / HP OpenView
- Configuring and managing Proxies (Web)
- Data Security Marking and Control solutions (DSMC)
- Data Loss Prevention tools (DLP)
• Works under general strategic direction.
• Manages SCC technical priorities, reporting and tactical SCC requirements or issues.
• Uses discretion in identifying and resolving complex problems and assignments.
• Works collaboratively with other technical leads and has their work reviewed at agreed key milestones throughout the OneWeb mission cycle.
• Determines when technical SCC support and operational efficiency issues should be escalated to a higher level.
• Interacts with and influences the embedded engineers within the various OneWeb operational segments
• May be expected to supervise wider SCC team and technical support SMEs
• May make operationally impacting decisions affecting individuals or phases of projects.
• Performs a broad range of work, sometimes complex and non-routine, in a variety of segment environments.
• Variety of complex and interconnected systems to be monitored (Hadoop, ERP, BSS/OSS intra segment firewalls, content inspection etc.)
• Understands and effectively uses a variety of methods, tools & applications.
• Demonstrates good analytical & systematic problem solving.
• Absorbs and applies technical information in a practical and pragmatic manner.
• Able to work well under pressure and tight deadlines
• Contributes towards and produces detailed technical design documentation.
• Communicates effectively and contributes fully to the team.
• Takes initiative in SCC development opportunities.
• Plans their workload competently meeting specific deadlines, whilst following and aligning with OneWeb standards & procedures.
Must have the right to work in the EEA (European Economic Area)