At Amber Labs, we are a cutting-edge UK and European technology consultancy that prioritises empowering autonomy, promoting experimentation, and facilitating rapid learning to provide exceptional value to our clients. Our company culture is centred around collaboration, where all colleagues, regardless of their role, work together to minimise risk and shorten delivery times. Our team consists of highly-skilled cross-functional consultants, analysts, and support staff.

ROLE: Cyber Defence Engineer
LOCATION: Hereford (On-Site) + FTC
CLEARANCE: Must be DV Cleared

Role Description:

The Cyber Defence Engineer will join a dynamic security team responsible for testing, implementing, deploying, maintaining, configuring, and troubleshooting the SOC’s technology stack, comprising hardware and software. This role will involve aiding in the continuous development and upkeep of data pipelines, signature updates, and fostering the professional growth of the system engineering team.

Tasks:

  • Conduct system administration tasks on specific cyber defence applications and systems, encompassing installation, configuration, maintenance, troubleshooting, backup, and restoration.
  • Oversee system/server resources, including performance, capacity, availability, serviceability, and recoverability.
  • Identify and resolve customer-reported system incidents, problems, and events to ensure ongoing operability.
  • Collaborate with SOC and CTI Analysts to develop signatures deployable on cyber defence network tools in response to new or observed threats within the network environment or enclave.
  • Manage the compilation, cataloguing, distribution, and retrieval of data from a variety of enterprise networks and data sources.
  • Implement data management standards, requirements, and specifications, as well as develop data standards, policies, and procedures.
  • Analyze data sources to provide actionable recommendations and facilitate data-gathering methods.
  • Share knowledge, skills, and experience, enhance documentation, and provide training to new members of the data engineering team.

Knowledge:

  • Familiarity with big data technologies and ecosystems (e.g., NiFi).
  • Awareness of current market and emerging leaders in data analytical and SIEM platforms.
  • Understanding of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network.
  • Knowledge of intrusion detection systems and signature development.
  • Proficiency in front-end collection systems, including network traffic collection, filtering, and selection.
  • Understanding of system administration concepts for operating systems such as Unix/Linux, iOS, Android, and Windows.
  • Familiarity with cyber defence and information security policies, procedures, and regulations.
  • Understanding of network security architecture concepts, including topology, protocols, components, and principles.

Skills/Experience:

  • Prior experience with Enterprise ICS/network architectures and technologies.
  • Experience working with frameworks and technologies supporting data-intensive distributed applications.
  • Proficiency in maintaining and administering data analytical and SIEM platforms.
  • Hands-on experience with host and network-based IDS/IPS.
  • Familiarity with packet capture solutions.
  • Skill in developing and deploying signatures.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Capability to provide technical and service leadership to junior SOC Engineers (mentor/coach).

Desirable Qualifications/Certifications:

  • Red Hat System Administration I & II (RH124/RH134).
  • Baseline Cyber Courses (e.g., Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp).
  • Certification as an engineer in a market-leading data analysis/SIEM platform.
  • SANS SEC501 Advanced Security Essentials Enterprise Defender.
  • SANS SEC511 Continuous Monitoring & Security Operations.
  • SANS SEC555: SIEM with Tactical Analytics.

Benefits:

  • Join a rapidly expanding startup where personal growth is a part of our DNA.
  • Benefit from a flexible work environment focused on deliverable outcomes.
  • Receive private medical insurance through Aviva.
  • Enjoy the benefits of a company pension plan through Nest.
  • 25 days of annual leave plus UK bank holidays.
  • Access Perkbox, a global employee rewards platform offering discounts, perks, and wellness resources.
  • Participate in a generous employee referral program.
  • A highly collaborative and collegial environment with opportunities for career advancement.
  • Be encouraged to take bold steps and embrace a mindset of experimentation.
  • Choose your preferred device, PC or Mac.

Diversity & Inclusion:

Here at Amber Labs, we are dedicated to fostering an inclusive and equitable workplace for all. Our commitment to diversity, equality, and inclusion includes:

  • Valuing the unique experiences, perspectives, and backgrounds of all employees and creating an environment where everyone feels welcomed, respected, and valued.
  • Prohibiting all forms of harassment, bullying, discrimination, and victimisation and promoting a culture of dignity and respect for all.
  • Educating all new hires on our Diversity and Inclusion policies and ensuring they are aware of their rights and responsibilities to create a safe and inclusive workplace.

By taking these steps, we are dedicated to building a workplace that reflects and celebrates the diversity of our employees and communities.

What Happens Next?

Our Talent Acquisition team will be in touch to advise you on the next steps. We have a two-stage interview process for most of our consultants. In certain cases, we may include a third and final stage, which is a conversation with the company Partners. This will only be considered if deemed necessary.