Copper.co is hiring a

Web3 Security Engineer

Department environment

Copper’s Information Security department keep the business’ systems and network resources secure and protect the company, employees, and client data.

The Security Engineer is a key role within Information Security department responsible for building and maintaining Copper’s suite of security tools.

You will work closely with the Security Architecture team to deploy and ensure the operating effectiveness of security controls within the business. This is an exciting opportunity that will expose you to many different aspects of security while working closely with other technical teams from across the organisation.

Key Responsibilities of the role

Security Systems Configuration and Analysis

• Configure security systems according to specified requirements.
• Analyse current security setups and recommend improvements to enhance security posture.
• Deploy and assess security baseline hardening (CIS, Microsoft, STIG).

Identity and Access Management (IAM)

• Responsible for configuring and implementing Identity and Access Management solutions and supporting systems, including Entra ID (AAD), Identity Governance, and AWS Identity Centre.
• Manage permission settings and access controls to ensure secure and efficient user access to company resources.

Security Practices and Technical Advice

• Consult with staff, managers, and executives to advocate best security practices.
• Provide technical advice on security measures and potential enhancements.
• Create or update policies and procedures to align with industry regulations and best practices.

Security Risk Management

• Manage vulnerability scanning tools to identify and mitigate security risks across endpoints and cloud infrastructure.
• Conduct risk assessment activities to identify potential threats and develop plans to address vulnerabilities.
• Ensure security controls comply with SOC2 framework and other regulatory requirements.

SIEM Management and Log Analysis

• Design and implement solutions for log shipping to managed SIEM systems, such as Microsoft Sentinel. Expectation for this role is you will oversee the integration of diverse data sources, including network logs, application logs, and security feeds, to enhance the analytical capabilities of our security systems.
• Assist Security Operations team to tune and create alert logic for SIEM and other security tools to effectively monitor and respond to security incidents.

Security Solution Inventory and Maintenance

• Maintain an inventory of security solutions like firewalls and anti-virus software.
• Regularly review and recommend changes or upgrades to existing security tools.

Scripting and Automation

• Utilise PowerShell/Bash scripting for automation of security tasks.
• Develop and maintain scripts for efficient operation and response within the security infrastructure

Your experience, skills and knowledge

• Microsoft 365 and Azure Security: Demonstrated expertise in securing corporate environments using Microsoft 365 and Azure Security tools. This includes effectively managing Azure Active Directory, implementing robust identity governance frameworks, and deploying Azure Sentinel for advanced threat protection. Proficiency in utilising Microsoft 365 Defender and Microsoft Purview to safeguard cloud applications, alongside a proven track record in enhancing security posture through Azure Information Protection and Intune.
• AWS Security: Skilled in leveraging AWS security services to fortify cloud infrastructure. This encompasses deploying GuardDuty and AWS Security Hub for continuous security monitoring and threat detection, managing AWS Identity and Access Management to ensure robust access controls, and utilising Route 53 and Key Management Service for enhanced security and encryption.
• Device Management and Security: Proven experience in managing and securing a diverse range of devices using Jamf Pro and Jamf Protect. Expertise includes hardening Windows, macOS, Android, and iOS operating systems, ensuring these platforms are resilient against security threats.
• Scripting and Automation: Demonstrated ability in using scripting languages like PowerShell, Bash, and Python to automate security tasks, streamline processes, and enhance system efficiencies.
• Log Management and Analysis: Proficient in the management and analysis of logs from various sources, including endpoints, SaaS platforms, and custom applications. Experience in enriching and shipping logs to enhance the capabilities of security information and event management systems.
• System and Application Hardening: Skilled in the assessment and hardening of operating systems and SaaS applications, adhering to CIS and STIG standards. This includes a comprehensive understanding of the best practices in system security and the application of these practices to ensure robust defence against cyber threats.
• Secure Web Gateway Management: Experience in configuring and managing Secure Web Gateways, such as Zscaler, iBoss, and Netskope, to protect against web-based threats and enforce company security policies

The benefits offered

• Holidays: 27 days per annum paid holiday, in addition to bank holidays
• Years of Service Days: Employees are awarded one additional day of paid time off per year of service (up to three years)
• Vitality Health:
  • Medical Insurance: Copper provides all employees with individual cover. Medical history is disregarded, and a 24/7 virtual GP is available (£100 excess per person per year)
  • Dental Insurance: Comprehensive dental cover for preventative, restorative and emergency treatment
  • Audiology Cover: Employees can claim back up 80% of costs, up to £300, for any hearing tests or hearing aids
  • Optical Cover: £500 optical cover (through Vision Express) or 80% reimbursement up to £300 for any other optician
  • Menopause Support: Unlimited support for those experiencing symptoms of the menopause, such as video consultations with a dedicated menopause practitioner
  • Vitality services also include an additional £100 for minor diagnostic tests and private prescriptions, including home diagnostics
  • Headspace - Copper's policy provides all employees with a free Headspace subscription. Headspace provides great resources to manage stress, improve sleep, meditate and enhance mindfulness
  • Discounts and free benefits - the Vitality programme has been designed for preventative care to encourage members to improve their overall health and will reward those for doing so. Employees can access additional benefits such as 50% off running shoes, discounted health screenings, 50% off at Nuffield Health or Virgin Active gyms and much more

• Home Working Energy Support Scheme: to combat energy prices increasing globally, Copper will provide you, in addition to your salary, with a monthly top-up of £60 or £75 (subject to your energy supplier)
• Pension up to 10% matched contribution to our company pension scheme via Smart Pensions
• Cycle to Work
• Life Insurance cover: Four times your base salary
• EAP: access unlimited mental health consultations and contact a 24/7 confidential helpline for emotional support
• ClassPass
• Unmind
• Sponsored Learning and Development opportunities
• Regular company events and social activities

In return for everything you can bring to Copper, we can offer you an exciting, challenging role in a fast-growing and dynamic business, with career opportunities and welcoming working environment.

If you think you have everything we're looking for and more, then we'd love you to apply for the opportunity.

Apply Now: