Join our forward‑thinking team as a Network Security Engineer. You will play a key role in safeguarding our organisation’s network infrastructure as part of the 24×7 Internal Security Response (ISR) team.
When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions to protect against evolving threats. You will collaborate with cross‑functional teams, implement changes securely, identify vulnerabilities, manage security incidents and ensure compliance with industry best practices. The role will also involve optimisation of network security tools, standardisation of network tools, and addressing purple‑team identified improvement areas.
Responsibilities
- Support incident response & triage in a 24/7 SOC environment
- Design, deploy and maintain security solutions across the network
- Collaborate with cross‑functional teams to implement changes securely
- Identify and remediate security vulnerabilities
- Manage security incidents & ensure compliance with industry best practices
- Optimise network security tools and standardise network tools
- Assist in purple‑team initiatives and remediate highlighted areas
Qualifications
- Solid understanding of networking principles (TCP/IP, DNS, routing, switching, VLANs, load balancing)
- Expertise in configuring, maintaining and troubleshooting firewalls (Cisco, Check Point, Palo Alto)
- Hands‑on experience with next‑gen firewalls and advanced security features such as IPS/IDS, SSL decryption and deep packet inspection
- Experience managing secure proxy solutions (Blue Coat, F5) and implementing policies for content filtering, SSL inspection and network traffic monitoring
- In‑depth knowledge of security protocols such as IPSec, SSL/TLS, VPNs and two‑factor authentication
- Understanding of network architectures and security zones (DMZ, internal networks)
- Proficiency in monitoring technologies (PRTG, Nagios)
- Understanding of cyber security capabilities and their integration into network infrastructure
- Familiarity with Darktrace Antigena, Respond, Splunk ES or LogRhythm tools
- Strong ability to analyze packet captures to identify malicious traffic (C2, exploitation, lateral movement, data exfiltration)
- Proven ability to review SOC alerting and effectively triage & manage Tier 1 SOC alerts
- Experience with LDAP and application traffic flow root‑cause analysis
- Understanding of OSI reference model and network communication protocols (DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S) and experience with SIEM or network packet capture tools
Benefits & Compensation
- Salary: Circa £50,000 depending on experience, plus shift allowance
- Annual leave: 25 paid days per year with incremental days after 5, 10, and 15 years of service; additional holiday purchase option
- Flexible/Dynamic working: 5 days on‑site per week; hybrid working options; flexibility around hours
- Retirement savings: MBDA Retirement Savings Plan, 4 % employee contribution + 6 % employer, up to 2 % increase
- Company bonus: Up to £2,500 (performance‑based)
- Pension: up to 14 % total contribution
- Paid overtime opportunities
- Flexi‑leave: up to 15 additional days
- Enhanced parental leave: up to 26 weeks (maternity, adoption, shared parental); additional paternity, neonatal leave and fertility support
- Healthcare: private medical insurance (standard and funded options), dental insurance, healthcare cash plan, optical, and charity donation support
- Life & financial wellbeing: free financial webinars, mortgage advice, loan options, tax‑free critical illness lump sum
- Workplace perks: free on‑site gym, subsidised meals, free parking, event access, Tech vouchers, and more
- Security clearance: DV clearance required; additional HMG Basic Personnel Security Standard (BPSS) and Security Check (SC) clearance
MBDA is an equal‑opportunity employer that encourages applications from all backgrounds and is committed to diversity and inclusion within the workplace.
