Security Operations Engineer
We’re Bulb, an independent and renewable energy supplier. We have developed a unique operating model to provide affordable renewable energy to UK homes and businesses. Technology is at the very core of both our business and our members' experiences. We’re also the first and only UK energy supplier to achieve B Corp status.
At Bulb we want to hire people with the experiences necessary to get going quickly, but who are also interested in learning new things and are comfortable working in a changing environment.
Here are some of the things we think will be valuable, but we're also open-minded. If you recognise yourself any of these traits then we’d love for you to send us an application.
You'll spend your time
- Writing, and managing indicator of compromise queries across Bulb’s aggregated logs.
- Responding to, triaging, and investigating potential incidents across Bulb’s laptops, servers, network devices, and cloud systems.
- Teaching other engineers on Bulb’s infrastructure team how to do alert triage.
- Performing and automating in-house network and host security testing.
- Managing third-party penetration tests.
- Acting as incident manager and running interactions with external incident response and forensics teams in the event of a major incident.
- Working with infrastructure automation teams to ensure that programmatically-driven security policies are correct.
- Implementing security orchestration and automation on top of tools like BetterCloud and Okta.
- 3-5 years work experience in operational security
- Hands-on experience with:
- Basic penetration testing tooling like Nessus and Metasploit
- Writing and triaging production security alerts against large data sets, ideally with Splunk Enterprise Security
- Security configuration in Docker, Kubernetes, and Istio
- MISP and other community-centric threat intelligence collections
- Hardening Windows and Linux servers and common services
- AWS, GCP, and cloud security and automation tools like Forsetti and Terraform
- Identity and Access Management systems like GSuite, Azure AD, and Okta, and authentication integration via OAuth, SAML, and LDAP
- Host policy automation using Jamf for OSX and Microsoft Group Policy Objects
- Zeek and Packetfence for on-premises network security
- Some on-call will be required
- Experience mentoring other engineers in security
- Able to act as a cheerleader and champion for security at Bulb
- Ability to thrive and succeed in a dynamic, fast growing, startup environment
- Be part of a growing technology startup and help shape the future of energy.
- Training budget of £1000 a year, plus five working days to spend on professional or personal development. You can use this for training courses, books or conferences.
- 33 days holiday a year (including bank holidays) and the option to buy up to 5 more.
- After a year at Bulb, you can take an additional month of unpaid leave to travel, work on personal projects or simply to recharge and reboot.
- 12 weeks of full pay for maternity, paternity or adoption leave.
- We all own a bit of Bulb.
- Activities to improve your mental and physical well being including office yoga, meditation and Sanctus coaching.
- Healthcare and a pension plan with employer contributions, childcare voucher scheme and a cycle to work scheme.