As a Linux Infrastructure Security Engineer (SIEM), you will have a strong understanding of infrastructure environments and will have the opportunity to be part of the operational security team within IT. The purpose of this role is to ensure the normal operation of infrastructure and to take part in security-related projects designed to protect the organisation and its customers.
- Install, manage and maintain all Linux based systems within the group including web and internet based systems.
- Install, manage and maintain all file transfers and related systems utilised by the group.
- Provide 3rd-line support for Linux based systems including out of hours on a rota basis as defined by the company.
- Backup and support the DBA and Middleware support functions.
- Provide 3rd-line Red Hat Linux infrastructure support. Install, test, troubleshoot and modify new equipment/solutions to achieve maximum performance
- Prove technical expertise in the development and deployment of service infrastructure, driving improved technical and service performance
- Design and drive processes to facilitate smooth and seamless deployment of new services
- Supervise the delivery of 3rd party suppliers and contractors to ensure that delivery specification and standards meet requirements
- Standardise equipment to minimise disruption and contribute to the continuous improvement of policies, processes and procedures
- Document and maintain the configuration of Linux systems.
- Diagnose and troubleshoot system problems.
- Establish and maintain appropriate procedures for monitoring system performance & usage.
- Write scripts to assist with procedures and monitoring controls.
- Adhere to key policies, procedures and controls in line with company standards.
- Manage and maintain both physical and virtual (VMware) server environments.
- Manage and maintain the web system databases used by the web infrastructure.
- General administration of the Linux systems; user, folder and file management; management of DNS, NFS, Samba, SMTP, Apache, iptables etc.
- Manage and maintain internet services such as DNS and MX records, PGP key servers etc.
- Manage and maintain the secure email gateway and internet cache servers.
- Define, set up, manage, maintain and document internal and external secure file transfers using appropriate tools and systems.
- Regularly monitor all critical and internet facing Linux servers for signs of intrusion and respond appropriately.
- Respond (resolve queries/issues) to regular penetration tests.
- Provide support in response to requests for technical help.
- Provide support, on a best efforts basis, for DB and middleware systems and platforms.
- Work closely with development teams, DBAs, architects and environment owners to design, plan and build infrastructure to meet business requirements.
- Advise on implementing infrastructure technology that improves performance and efficiency of systems and processes.
- Develop personal or technical skills and capability through on-going training as provided by, or approved by HR.
- Act and behave appropriately, and comply with the internal rules and regulations and with the general ethical standards expected by relevant Regulatory Authorities, particularly in, but not limited to, proactively protecting and safeguarding the interests of its clients, the integrity of the markets and the Group's reputation.
- Comply with all applicable legal, regulatory and Group's internal Compliance requirements including, but not limited to, Financial Security, Know Your Customer due diligence, International Financial Sanctions, Client Interest Protection, Market Integrity, Data Protection.
- Carry out any other task associated with the role as reasonably requested.
Required Skills and Work Experience
- Educated to Degree level (preferably a computing degree)
- In-depth RHEL (5+ years administration)
- Virtualisation - VMware vSphere
- 3rd line level operational infrastructure support
- Keen interest in IT security
- Hands-on experience with security vulnerabilities, pen-testing, and hacking/finding gaps in product security
- Excellent scripting skills (Perl/Bash/Java/Python/Go)
- Excellent troubleshooting skills
- LAMP stack
- Monitoring: Nagios; Munin
- Managed File Transfer Solutions
- Clearswift Secure Email Gateway
- PGP Universal Server
- VMware Virtualisation Technology
- ITIL v3
- Understanding of networks (troubleshooting to packet level)
- SIEM Certification
- Computing or related Degree
- Driving license
- ITIL Foundation
Any Other Additional Requirements
- Ability to work to a shift rota
- Ability to provide 24/7 on-call cover on a rota basis