Security Engineer (SIEM / AWS / IAM experience essential)

Mimecast is looking for a talented and enthusiastic Security Engineer to help build and enhance Mimecast’s high performance Security Team. You will become a key part of Mimecast’s Security Engineering team that will ensure that Mimecast security engineering remains at the cutting edge of security operations excellence.

If you are a skilled Security Engineer with an excellent understanding of cybersecurity principles, best practices and continuous improvement we would love to hear from you.

What You'll Do:

You will be working on building and deploying a unique and exciting SIEM solution with Elastic that will ensure the Mimecast Security Team has the best possible tooling to support the SOC and its clients. You will be an integral part of developing the IAM solution. 

The goal is to enhance our security monitoring tooling, detections and incident response capabilities using various security platform solutions to provide an enhanced security environment to deliver cutting-edge solutions to elevate our security posture. 

As well as working closely with the other teams in Security you will collaborate with the wider Engineering team and Cloud Platform to improve existing security monitoring and deliver resilient security solutions. 

What You'll Bring:

• Extensive experience in designing, deploying and extending enterprise-grade SIEM infrastructure. Ideally with Elastic however experience with others such as Splunk, Sentinel or QRadar will be considered. 

• Experience with log ingestion, building pipelines, log enrichment, log parsing. 

• Syslog-ng, Beats, Elastic Agents and Logstash experience. 

• High level log analytic skills (firewall logs, network logs, authentication logs, system logs, debug logs). 

• Experience in designing, implementing and managing Identity and Access Management (IAM) solutions. 

• Experienced in the UNIX/Linux OS and shell scripting in Bash/zsh. 

• Ability to write and understand complex regular expressions (PCRE) and understand scripts in languages such as Python, Ruby, Bash, etc. 

• Hands-on experience managing container platforms such as Kubernetes, AWS EKS, GKE etc.  

• Experience working with Config Management tool, Terraform, Puppet, Ansible etc. 

• Experience with utilizing and migrating to one or more cloud technologies such as Microsoft Azure, and AWS.  

• Working Knowledge of Hashicorp suite of tools, Vault, Terraform etc. 

• The ability to confidently participate in new security tools implementation, troubleshoot and resolve technical issues related to security tools, working closely with vendors and internal stakeholders to ensure timely resolution. 

• A high level of knowledge into security events & triggers that lead to security alerts & incidents with deep understanding behind the event correlation, risk factors and the remediation methodology. 

• Conduct security architecture/engineering reviews and makes changes and/or recommendations regarding configurations, policies on security tools (EDR, NDR, SIEM, Deception, server management). 

• Perform routine audits and assessments of security tools to verify their compliance with regulatory standards and as well as internal practices and policies. 

• Experience in Active Directory, LDAP, Kerberos authentication. 

• Knowledge of core infrastructure services such as DNS (Route53/Unbound), Identify Management, load balancers, web servers etc. 

• Experience with SSO technologies. 

• Excellent team-working skills, and a “can do, let’s get it done” attitude is crucial. 

• A passion for real-world Information Security - You live and breathe IT security – you want to be the best, without this you simply won’t fit in. 

• A desire to keep learning, extending your skills and pushing the boundaries of your knowledge. 

Desirable Skills:

• Proxmox experience or experience in other virtualisation solutions.  

• Experience implementing observability and monitoring tooling for application and infrastructure metrics, logs and traces (eg OpenTelementry, Prometheus, Grafana, Elastic, Cloud Watch, Loki). 

• Specialty in one or more of the following Information Security domains: Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Machine Learning & Artificial Intelligence, Malware Analysis, Computer Forensics, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Security Education & Awareness, Vulnerability Scanning & Management, and Compliance & Risk Management.  

• Information Security and/or Information Technology industry certification (CISSP, CISM, CEH, Azure and AWS equivalent) preferred. 

• An undergraduate or higher degree in computing with a strong security component. 

What We Bring:
We are Mimecasters. And we are alive with purpose.

Your personal and professional growth matter to us. At Mimecast, we provide the tools, training, and mentorship necessary to elevate your skills and expertise continually. As you thrive, so does the organization, creating a symbiotic relationship that fuels our collective success. In return, we promise you first-class development, hybrid working, ample rewards with an uncapped commission structure, and a company culture you’ll find it difficult not to fall in love with.

In addition to applying, sign up for our Talent Community and stay connected through our career blog, company updates and events which may be of interest. More importantly .... be visible to our Global Talent Acquisition Team and be the first to receive new opportunities which may align with your skills and career aspirations. https://crm.mimecast.com/flows/talentcommunity

We look forward to hearing from you!

#LI-MB1

DEI Statement

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.

DEI Statement

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.