Senior Security Engineer

Show job

Senior Security Engineer

Brackley (Hybrid)

At the Mercedes-AMG Petronas Formula One Team, a group of passionate and determined people work to design, develop, manufacture and race the cars driven by seven-time World Champion Lewis Hamilton and Grand Prix winner George Russell.

The Team has set a new benchmark for Formula One success during the sport’s current Hybrid era, winning consecutive Drivers’ and Constructors’ World Championships in 2014, 2015, 2016, 2017, 2018, 2019 and 2020, and the Constructors’ Championship in 2021.

Whether working in our Operations, Technical, Race or Business Support functions, we are all in and aspire to build the greatest team in the history of our sport.

Every individual plays their part. No stone is left unturned in the chase for every tenth of a second. The history of our sport is long and rich, and we are continuing our journey with renewed effort year on year. Record books remember the names of a few, but history is written by the many.

About the Role:

We are seeking a Senior Security Engineer to join our Information Security team within an expanding and dynamic IT team. The successful candidate will report to the Head of Information Security and will support security improvements, responding to incidents, and working closely with colleagues across the business to ensure that security requirements are met.

Information security within the team has developed significantly over the past 18 months, and this role will be central to further evolving how we manage security risks.

We take an offensive security approach. This means we focus on what hackers do, how they do it, and how we can stop them and protect the team. Where we need them we create policies and standards in line with our efficient and fast paced environment.

In the role you will:

  • Collaborate on projects to engineer new security solutions for the team.

  • Operate our security tooling stack. Reviewing alerts, investigating incidents, and tuning our tech for optimal performance.

  • Ensure that our processes and procedures are documented, appropriate, and practiced.

  • Be the expert point of contact for security incidents, collaborating on our response and remediation work.

  • Work with our own internal tooling and third parties to conduct red and purple teaming of our environment to identify security gaps.

  • Assist the IT team and wider business on security issues, offering pragmatic and sensible advice.

To be successful you will haveEssential:

  • Strong experience within security engineering, with the ability to hit the ground running and start adding value and delivering initiatives.

  • A good blend of technical and leadership skills. We're a small team, so all of us play a hands-on role where necessary, however we also depend on stakeholders across the business for realising our goals.

  • Not be afraid to learn new tooling or technologies. A growth mindset is key to being successful with us.

  • A keen eye for optimising existing security tooling and an aversion to buying unnecessary tools and technologies.

  • A great understanding of attacker Tactics, Techniques, and Procedures (TTPs). You don't need to be a threat intelligence expert, but you should have some background in reviewing and understanding threat intelligence reporting.

  • Be comfortable being a solo contributor, and being able to thrive working either on your own or across our team.

  • Be comfortable delivering security advice to a range of audiences, from our team members in the machine shop, to senior leaders at the track.

  • Our tech stack consists of Windows Active Directory, EntraID, and a Linux estate. We have a range of operating systems in our environment. Whilst you don't need you to start as an expert on all of these, it is essential that you have strong knowledge of Windows and Active Directory/Entra.

  • Great creativity, imagination, and commitment for reducing security risks.

  • The ability to translate technical issues into easily digestible information for non-technical colleagues.

  • Strong familiarity with tooling such as EDR, CSPM, PAM, NGFW, vulnerability management, and mail filtering.

Desirable:

  • Experience with Crowdstrike tooling. Crowdstrike are a key partner of our team, and we leverage several of their tools. If you don't have experience with Crowdstrike, we'll provide training.

  • Experience with Microsoft security products.

  • Experience and/or certifications in offensive security, such as OSCP or eCPPT, or experience on platforms such as HackTheBox or TryHackMe.

The selection process:

  • Initial Teams interview with the Head of Information Security.

  • A visit to our factory in Brackley for your second interview where you will also meet colleagues in the IT department.

Benefits:

Our riverside campus is powered by 100% renewably sourced energy and features an on-site gym and exercise studio, subsidised restaurant and on-site parking with EV chargers available.

We offer a competitive and attractive package of benefits including a generous bonus scheme, Mercedes car lease scheme, private medical cover, life assurance and 25 days holiday. We pride ourselves on our family-friendly environment, employee well-being programme and offer flexible working opportunities.

Why us:

At the heart of our performance are our people. Every member of our team has a voice and plays their part in contributing to our successes on and off the racetrack. We take pride in creating an innovative, collaborative and high-performance culture where all of our team members are respected, empowered and valued.

Through our Accelerate 25 programme, we are continuously working to make our team even more diverse and inclusive. Whatever your background, we believe that you will find working with us rewarding and enriching.

Your application:

We will ask you to complete a questionnaire as well as submitting a cover letter and CV. Please submit your CV and cover letter as one PDF document.

Organisation: 
Mercedes-AMG Petronas F1 Team