IT Security Engineer

OverviewAs part of Trafigura's IT Security team, you will be at the forefront of protecting one of the world's leading commodity trading companies. You will serve as a senior technical expert within the IT Security Operations Centre, leading sophisticated security incident investigations and advanced threat hunting activities. You will contribute to the continual improvement of security capabilities by crafting customized detections, streamlining processes, and performing forensic analysis. You will be the central contact for SOC analysts, coordinating cross-functional response efforts during critical security events. You will proactively identify threats, conduct root cause analysis, and craft advanced security tools and procedures. The role reports to the Head of Security Engineering who is based in London.Knowledge, Skills and Abilities, Key Responsibilities:Core CompetenciesSecurity Monitoring & Detection: Extensive knowledge of network security architecture, endpoint protection, and cloud security principlesSecurity Information and Event Management (SIEM): Proficiency with Splunk Enterprise Security or similar platforms for advanced correlation, threat hunting, and analyticsEndpoint Detection & Response (EDR): Expert-level experience with Microsoft Defender for Endpoint (or equivalent), including configuration management, alert triage, and response automationThreat Intelligence Integration: Ability to integrate threat feeds into detection systems and develop specialized detection guidelines in response to emerging threatsAdvanced Analytics: Experience with behavioural analytics, anomaly detection, and machine learning-based security monitoring techniquesIncident Response & ForensicsHandling Security Incidents: Proficiency in supervising complicated security situations from detection to resolutionDigital Forensics: Expertise in memory forensics and network forensics to establish incident timeline and scopeMalware Analysis: Advanced skills in static and multifaceted malware analysis, including disassembly, debugging, unpacking, and sandbox analysisActively pinpointing vulnerabilities: Identifying vulnerabilities that have bypassed current security measures through detailed inquiriesIncident Coordination: Directing teams with diverse roles and communicating adeptly with partners during security situationsTechnical ExpertiseScripting & Automation: Strong programming skills in PowerShell, Python, and other relevant languages for security automation and toolingActive Directory & Identity Management: Deep understanding of AD architecture, LDAP queries, and common attack vectors against identity infrastructureOperating System Security: Knowledge of Windows, Linux, and macOS security mechanisms and hardening techniquesNetwork Security: Expertise in network protocols, traffic analysis, and network-based detection techniquesCloud Security: Experience securing assets across major cloud platforms (AWS, Azure) and understanding cloud-specific security controlsKey ResponsibilitiesSecurity OperationsLead complex security investigations requiring advanced forensic techniques and cross-platform analysisDevelop and maintain custom detection rules, playbooks, and response proceduresPerform regular threat hunting exercises to identify potential compromisesAnalyze and validate security alerts escalated from Tier 1 analystsConduct root cause analysis for security incidents and develop mitigation strategiesEngineering & DevelopmentDesign and implement security monitoring improvements and automation workflowsDevelop custom scripts and tools to enhance detection and response capabilitiesMaintain and optimize security tooling, including SIEM content, EDR policies, and detection rulesCollaborate with security architecture teams to improve defensive postureContribute to continuous improvement of security monitoring and response processesLeadership & Knowledge TransferServe as technical escalation point for Tier 1 SOC analystsDocument findings, methodologies, and lessons learned from security incidentsCollaborate with threat intelligence teams to enhance detection capabilitiesQualificationsRequired Experience5+ years of experience in cybersecurity with at least 3 years in a SOC or incident response roleDemonstrated expertise with SIEM platforms, preferably Splunk Enterprise SecurityAdvanced knowledge of Microsoft Defender for Endpoint or similar EDR solutionsExperience with memory forensics tools (e.g., Volatility) and malware analysis techniquesProficiency in at least one scripting language (PowerShell, Python, Perl)Relevant Certifications (not required)GIAC Certified Incident Handler (GCIH)GIAC Reverse Engineering Malware (GREM)GIAC Certified Forensic Analyst (GCFA)Certified Information Systems Security Professional (CISSP)Offensive Security Certified Professional (OSCP)Personal AttributesExceptional analytical and problem-solving abilitiesEffective communication skills for conveying technical concepts to a range of audiencesSelf-motivated with ability to work under pressure during security incidentsDetail-oriented with strong documentation habitsCollaborative mindset and team-oriented approach to security operationsThis role requires a security professional who can handle complex security incidents, perform advanced technical analysis, and provide leadership during critical security events. The successful candidate will combine technical depth with operational excellence to strengthen our security posture and respond effectively to emerging threats.Key Relationships and Department Overview:IT SecurityTrading ITMiddle Office teamsCISO (Chief Information Security Officer)Security Engineering LeadsHead of InfrastructureLead DevelopersDevOps teamsDepartments Overview:IT Security at Trafigura is a global team and is responsible for protecting the company's digital assets, data, and technology infrastructure.Given Trafigura's global presence and the sensitive nature of commodities trading, IT Security plays a critical role in maintaining operational integrity and competitive advantage.Equal Opportunity EmployerWe are an Equal Opportunity Employer and take pride in a diverse workforce We do not discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, sexual orientation, national origin, age, marital or veteran status, medical condition or handicap, disability, or any other legally protected status.Employment type: Full-timeJob function: Information TechnologyIndustries: Banking, Financial Services, and Oil and Gas #J-18808-Ljbffr