We are Kocho
Kocho recognise that technology on its own does not deliver change and offers technology adoption services alongside excellent technical consulting to enable our clients to achieve their business goals on their journey to Become Greater.
Our head office is in the heart of London’s West End and provides a comfortable working environment with flexible collaboration spaces that encourage our people to Become Greater with the aim to Do What’s Right.
Kocho is an equal opportunities employer. We make recruitment decisions based on qualifications, skill set and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs, or lack thereof, marital status, disability or sexual orientation or any other protected characteristic. This mindset aligns with our company values as we understand that we are Better Together.
Here is the role:
As a Security Engineer, you will play a critical role in safeguarding our organization, our clients and our Partners, from cyber threats. You will be responsible for implementing and maintaining security measures to protect our systems, networks, and data from unauthorized access, attacks, and breaches. You will work closely with other members of the Security Operations team and directly with clients to ensure that our security systems are up to date and effective. The Security Engineer provides a critical Tier 2 Incident Response/Escalation Service in addition to the above, though this is not their primary focus it is expected, and Incident Response forms a portion of this role.
As a Security Engineer, your duties will include managing and executing phishing campaigns using our tooling, leading vulnerability scans, and providing valuable feedback with accurately tuned reports. In some instances, you will be expected to deliver technical recommendations on regular Client cadences, with support from a Cyber Security Project Manager. You will spend the majority of your time working with the Microsoft Security Stack and Microsoft Sentinel, deploying and updating KQL analytical rules or Content Hub solutions to improve our detection and response capabilities. You will be responsible for responding to quarantined emails, ensuring that Defender threat policies are effective, and creating Playbooks (Azure Logic Apps) to automate workflows and improve efficiency. You will also be responsible for responding to escalated incidents from Tier 1 triage and covering incident response in your downtime.
In addition to the above, you will regularly be expected to audit and improve Client security environments, largely based around the Microsoft 365 Security Suite, including items such as improving Secure Score, Device Tagging, Defender Policy Management, Exchange Management and all such tasks related to the general Security lifecycle.
This is what we need from you:
- A degree in Computer Science, Cyber Security or a related field
- Or equivalent and demonstrable experience
- Extensive experience in Security Engineering or a related field
- Strong knowledge of security protocols and standards such as ISO 27001, GDPR, and PCI-DSS
- Experience with vulnerability testing and risk analysis
- Knowledge of network and web-related protocols and technologies such as TCP/IP, HTTP, and DNS
- Strong knowledge and understanding of Microsoft Sentinel, Microsoft Defender 365, and Microsoft Defender for Office 365 etc.
- Strong knowledge and understanding of KQL, PowerShell and Azure Services
- Experience using common vulnerability scanning tools and interpreting their results
Would be great if you have:
- Proficiency in certain languages, standards and assemblies/tools such as Python, Bicep, ARM, JSON
- Familiarity with ARM, Jinja2, Codeless Playbooks, Azure Functions
- Professional certifications such as AZ-500, SC-100, SC-200, CISSP, CEH, CYSA+
- GitHub Portfolio of solutions you’ve built
#J-18808-Ljbffr
