Security Engineer

Want to be one of the hundreds of people that work together to make Formula 1 happen? We need a Security Engineer to add their skills to the force behind the sport.

Specification Essentials:

• Hands-on technical background in cyber / information security.
• Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.)
• Working knowledge of Identity & Access Management (IAM) practices and solutions, email security, secure web gateway (SWG) and remote access solutions.
• Experience with Microsoft security tools & technologies (Defender) for O365, endpoints, identity, Data Classification & Data Loss Prevention
• Experience with multi cloud environments – AWS, Azure, and their associated security controls/services - configuration, detection, response
• Working knowledge of core IT functions (systems, networking) and enterprise IT technologies/products
• Incident response and Business Continuity / Disaster Recovery (BC/DR) planning and implementation
• Information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials
• Experience of applying both a risk and compliance lens to security design & engineering
• A track record of supporting multiple projects simultaneously
• Degree or equivalent qualification in relevant fields
• Security certifications (CISM, CISSP, SANS, CEH, CREST)

About the role:

As a Security Engineer, you will play a critical part in developing and implementing a leading cyber security program to protect F1 against cyber threats. This is a hands-on technical role working closely with different stakeholders to implement and maintain security technologies and continuously seeking ways to streamline and mature security operations. Responsibilities include:

• Helping to develop the security engineering strategy for F1’s IT & cloud infrastructure, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats.
• Work closely with the Information Security team to ensure efficient access to valuable security information – through tools and processes.
• Be “hands on” with security tools, understanding how they fit into the wider technology stack, and ensuring the setup and output is valuable. This includes endpoint, network, identity, and applications.
• Work with development teams to engineer, implement, and configure application security tooling throughout development operations.
• Lead on the coordination of F1’s offensive security & vulnerability management activities (pen testing, red-teaming, vulnerability scanning, system hardening), prioritising remediation based on risk and technical requirements.
• Support the information security compliance team on risk management, technical policies & standards, control assessments and audits.
• Build and maintain relationships with primary suppliers/partners to influence key security decisions relating to F1 data, products, and applications. Ensuring baseline security requirements and understood and met.
• Key involvement in security incident investigations and escalations, supporting incident response and BC/DR testing activities.

Join Team Formula 1, make it happen!