• If you are a skilled Security Engineer with an excellent understanding of cybersecurity principles, best practices and continuous improvement we would love to hear from you
• Extensive experience in designing, deploying and extending enterprise-grade SIEM infrastructure. Ideally with Elastic however experience with others such as Splunk, Sentinel or QRadar will be considered
• Experience with log ingestion, building pipelines, log enrichment, log parsing
• Syslog-ng, Beats, Elastic Agents and Logstash experience
• High level log analytic skills (firewall logs, network logs, authentication logs, system logs, debug logs)
• Experience in designing, implementing and managing Identity and Access Management (IAM) solutions
• Experienced in the UNIX/Linux OS and shell scripting in Bash/zsh
• Ability to write and understand complex regular expressions (PCRE) and understand scripts in languages such as Python, Ruby, Bash, etc
• Hands-on experience managing container platforms such as Kubernetes, AWS EKS, GKE etc
• Experience working with Config Management tool, Terraform, Puppet, Ansible etc
• Experience with utilizing and migrating to one or more cloud technologies such as Microsoft Azure, and AWS
• Working Knowledge of Hashicorp suite of tools, Vault, Terraform etc
• The ability to confidently participate in new security tools implementation, troubleshoot and resolve technical issues related to security tools, working closely with vendors and internal stakeholders to ensure timely resolution
• A high level of knowledge into security events & triggers that lead to security alerts & incidents with deep understanding behind the event correlation, risk factors and the remediation methodology
• Conduct security architecture/engineering reviews and makes changes and/or recommendations regarding configurations, policies on security tools (EDR, NDR, SIEM, Deception, server management)
• Perform routine audits and assessments of security tools to verify their compliance with regulatory standards and as well as internal practices and policies
• Experience in Active Directory, LDAP, Kerberos authentication
• Knowledge of core infrastructure services such as DNS (Route53/Unbound), Identify Management, load balancers, web servers etc
• Experience with SSO technologies
• Excellent team-working skills, and a “can do, let’s get it done” attitude is crucial
• A passion for real-world Information Security - You live and breathe IT security – you want to be the best, without this you simply won’t fit in
• A desire to keep learning, extending your skills and pushing the boundaries of your knowledge

Desirable

• Mimecast is looking for talented and enthusiastic Security Engineer to help build and enhance Mimecast’s high performance Security Team
• You will become a key part of Mimecast’s Security Engineering team that will ensure that Mimecast security engineering remains at the cutting edge of security operations excellence
• You will be working on building and deploying a unique and exciting SIEM solution with Elastic that will ensure the Mimecast Security Team has the best possible tooling to support the SOC and its clients. You will be an integral part of developing the IAM solution
• The goal is to enhance our security monitoring tooling, detections and incident response capabilities using various security platform solutions to provide an enhanced security environment to deliver cutting-edge solutions to elevate our security posture
• As well as working closely with the other teams in Security you will collaborate with the wider Engineering team and Cloud Platform to improve existing security monitoring and deliver resilient security solutions