Handmade by craftsmen, every Sofology sofa is the product of thoughtful design and the very best materials. You’ll find incredible mixtures of texture, Italian leathers and Velvets, cushion fillings engineered for more comfort and lower maintenance. Hand finished details such as studding, stitching and solid turned feet are standard and feel better in every way. Why come home to average when you can feel this good?
We are seeking to recruit an experienced IT Security Engineer who will help establish and maintain a culture of information and technology security through a structured programme of work and an IT security framework that will protect Sofology’s systems, services, data and critical assets.
The role will primarily focus on application security, network security, vulnerability management, incident response and identity management while ensuring the organisation adheres to regulations and industry best practices.
- Contribute to solution design discussions so that security is baked in from the start of technology projects.
- Work with the business to implement adequate controls and data retention strategies.
- Identify enhancements to IT tools, standards, and processes to reduceremove security vulnerabilities.
- Develop Patch management solution and process.
- Penetration Testing and Vulnerability Assessment.
- Proactive horizon scanning for threats as they emerge and the defence of those threats.
- Data confidentiality, integrity, and availability.
- Work with the IT teams to establish data and system restoration protocols.
- Educate development teams on security best practices.
- Standard security measures, advanced/intelligent security measures, access control, encryption and data loss prevention.
- Be able to clearly articulate security concerns to the wider business and technology teams.
- Knowledge and use of Fortinet and Sonicwall firewalls.
- Knowledge and use of Meraki wifi and mobile device management.
- Web Proxy implementations
- Windows and Linux OS Security Auditing
- Log filtering, aggregation and analysis.
- Deep understanding of security vulnerabilities in software (both native and web)
- Experience with next generation anti-virus software, intrusion detection, firewalls and content filtering.
- Deep understanding of PCI-DSS
- Understanding of GDPR
- Knowledge of application security vulnerabilities (OWASP TOP10),
- Implementation and enforcement of Best Practices for Network and Server Security.
- Experience with data encryption