Semmle is a cutting edge software security company, helping to secure the code that runs the world through complex software analysis. With security at the core of our business, we require a Cyber Security Engineer to install/manage security software (including Identity and Access Management), monitor our computer networks for security issues and document/maintain security standards.
Working as part of the IT support team based in Oxford, you will be working alongside our team of skilled system administrators to secure and monitor our systems and networks.
The successful candidate will be responsible for the day to day support and maintenance of the security tooling deployed across Semmle. Working as part of the wider IT team, this role will also include the implementation and testing of new security tools to meet evolving business needs.
- Monitoring/managing security access (IAM) across a range of on-premise and cloud hosted applications and systems
- Vulnerability management for both end user workstations and server/cloud infrastructure/applications
- Remediation of systems directly supported by IT whilst advising engineering teams on how to remediate systems owned outside of IT
- Conducting security assessments through vulnerability testing and risk analysis
- Performing both internal and external security audits
- Analysing security incidents to identify both impact and root cause
- Continuously updating the company’s incident response and disaster recovery plans
- Verifying the security of third-party vendors and collaborating with them to meet our security needs
- Collaborating with the Security Research team/CISO to ensure Semmle maintains the correct cyber security posture
Qualifications and Skills
- Strong Identity and Access Management (IAM) experience for both cloud applications and on-premise hosted applications (Google BeyondCorp etc)
- Experience deploying/maintaining/remediating vulnerability management tools (ideally Qualys) across both workstation, server and cloud environments
- Familiarity with one or more Security Information and Event Management (SIEM) platforms
- Working knowledge of Linux systems (any distribution)
- Ability to prioritise their own workload according to changing business needs and evolving security threats (eg security remediation vs planned maintenance)
- Certifications in a related security practises/technologies
- Good knowledge of Windows 10 workstation security practises
- Familiarity with Mac OS workstation and security practises
- Experience using Jira for task/workload planning
- Experience conducting penetration testing
- Working knowledge of GDPR and other data governance frameworks
- Familiarity with Google G Suite administration/configuration (security policies)
Semmle believes security is a shared responsibility. Our mission is to secure the code that runs the world by bringing the security and development communities together. Google, Microsoft, NASA, Uber, Palantir and many others rely on Semmle’s products to scale their security expertise and quickly explore any codebase to discover zero-days and all variants of vulnerabilities. We empower product security teams to deliver variant analysis results to development teams using LGTM to ship safe code and protect their customers. Semmle's platform enables the security community to collaborate and share their expertise in the field of variant code analysis and security research.
We offer intellectually stimulating work, competitive salaries, and a relaxed work environment in Oxford, Valencia, Copenhagen, New York, San Francisco or Seattle.
How do you apply?
Semmle aims to hire outstanding people who have a diversity of perspectives, ideas and cultures. We actively support diversity and inclusion in the workplace and are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, citizenship, marital status or disability status.
Please complete the following form to apply or feel free to get in touch with Zac Wallis at email@example.com
for more information. www.semmle.com
We encourage applicants to let us know of any accessibility requirements, so that we may provide the best possible support during the application process and your time at Semmle.