Senior Security Engineer

Job Purpose and Background

With the successful launch of CDP’s new digital disclosure platform and the expansion of our technological capabilities, ensuring we have robust and dependable security infrastructure and practices that protect the data of our disclosers, and wider ecosystem, is essential to CDP’s long-term future.

We are now embarking on an effort to build a new in-house Cybersecurity team, including a Senior Security Engineer who will play a key role in contributing to and implementing the new global security roadmap, encompassing infrastructure, tooling, policies, procedures, certifications, and training. This is an exciting greenfield opportunity to contribute to shaping and developing a new Security function, leveraging the latest Azure technologies, with a vision of attaining ISO27001 certification in the near-future.

About CDP

CDP is a not-for-profit charity that runs the global disclosure system for investors, companies, cities, states and regions to manage their environmental impacts. The world’s economy looks to CDP as the gold standard of environmental reporting with the richest and most comprehensive dataset on corporate and city action. In 2021 we launched our new five-year strategy: Accelerating the Rate of Change - find out more here. Visit [https://cdp.net/en> or follow us @CDP to find out more.

Key responsibilities include:

• Supporting internal IT staff with security matters and reinforcing key security principals
• Providing cyber security support for IT infrastructure.
• Provide Security analysis and risk assessment, as well as remediate and track results
• Contributing to the maintenance of cyber security plans, policies and processes, and implementing initiatives to ensure compliant.
• Leading internal and external cyber security audits and pen testing all infrastructure, reporting and remediating issues.
• Managing MFA, firewalls, web filtering solutions, antivirus and anti-malware software.
• Evaluating new software and hardware for security vulnerabilities and risks.
• Performing regular monitoring for intrusions / unusual activity and investigating and responding to any threats.
• Performing internal and perimeter firewall configurations and changes.
• Assist with the management and administration of Azure security, Microsoft Sentinel, Defender, and Defender for Cloud
• Assist in the implementation, deployment, management and monitoring of CDP’s security catalogue.

Tech-stack: Azure Sentinel, Azure Log Analytics, Azure Defender and Azure Defender For Cloud, AppCheck, Azure Security, Microsoft Intune, Forcepoint, Cisco Meraki

You will bring the following:

• At least 2 years of relevant working experience in cybersecurity, with a focus on implementing across platforms including security, performance, and reliability.
• Excellent knowledge and experience in public, private and hybrid cloud solutions; Microsoft Azure essential, as well as current trends
• Good knowledge of core infrastructure, designing, engineering, and implementing across platforms including, Wintel, Linux Storage, backups, IaaS (Infrastructure as a Service), and PaaS (Platform as a Service).
• Excellent of knowledge of cybersecurity SaaS providers
• Understanding “Infrastructure as Code”, Terraform, Json, Jenkins and Azure DevOps.
• Understanding of networks, both cloud native and within on-premises data centres.
• Excellent skills in Azure Security
• Excellent interpersonal and client-handling skills, with the ability to manage expectations and simplify detail to key principles and decisions
• Excellent written, verbal and presentation skills in English to properly articulate complicated security requirements to management, key partners and other stakeholders
• Demonstrable ability for a high attention to detail and capacity to be flexible in both process and problem solving.
• Business and organisational awareness, agility to learn, and willingness to challenge and improve
• A positive team player with a high level of self-motivation and drive, committed to achieving high standards, even with challenging deadlines

Preferable:

• Knowledge of infrastructure monitoring/logging, performance and capacity management, automation, and application toolchain (CI/CD) is an advantage

Salary and benefits:

• Competitive NGO salary and 8% Company Pension Program;
• 30 days annual holidays (with purchased leave options);
• Flexible working hours (with option to take flex-days)
• Up to 6 months remote work anywhere in the world
• Paid sabbaticals, enhanced maternity/paternity/adoption leave
• Office offering prayer room and breastfeeding facilities

Before you apply

We’ll only use the information you provide to process your application. For more details on how we use your information, see our applicant’s privacy notice. By uploading your CV and covering letter, you are permitting CDP to use the information you have provided for recruitment purposes.

How to apply:

Please upload your CV in the application form.