THG is an international technology company and leading online retailer, home to premium brands such as lookfantastic, Myprotein, and ESPA; all of which are powered by our industry-leading and award-winning technology platform, THG Ingenuity.
Tech at THG
Technology is the driving force behind THG, and it starts with our people. We are ambitious with our goals and challenge conventional thinking. THG Technology is different because we support every single person to make massive impact and drive their own work. Our people are always learning, and we work every day to ensure our technology, from our software platforms, to our hosting services, to our M.L capability and beyond, is world class. This enables us to keep powering THG and our partners on a global scale.
What will I be doing?
As a Senior Security Engineer, your objective for this role is designing, building and implementing robust solutions and apply controls for the security of employees, customers, and assets across the group.
As a senior within the team you will be able to play a key role in helping to drive change, develop best practices, and enhance our security capabilities. This a chance for someone to take on a role where you can make genuine and meaningful changes beyond the surface.
Furthermore, it would be amazing if you’re able to impart your knowledge on other members of the team through mentorship and guidance when it comes to proper secure design and how to make long term architecture decisions.
Responsibilities: Monitoring, maintenance, and uplift of security controls and tooling across the group. Use case development and implementation for the SOC and technology teams working with Security Engineering. Technical implementation of core security functions and concepts (From EDR, to SIEM, to PAM, IAM and Zero trust concepts). Leadership, mentoring, and personal/professional development support of more junior members of the Security Engineering Team(s).
What skills and experience would I need?
Within Security Engineering we do not have defined experience requirements and instead openly assess people’s skills and knowledge and how they fit within the larger approach of the security community across the group.
Below is a list of skills/experience/attributes – if you tick off half of them, we are on the right track! Quality reporting skills and summarising of key technical knowledge to non-technical stakeholders (No report writing is currently part of the role). Keen knowledge on security-to-business integration, e.g. how does security impact different businesses/functions and how do we adapt to that. Networking and web fundamentals for engineering application – From applying the basics (understanding TCP/IP & how the web works), to actively creating tooling that works down to the nth degree (understanding logical bitmasking & how we can apply it in network monitoring and other more advanced applications of scripting/logging) Tooling development – Developing tools or scripting to solve novel issues in unusual environments Key principles of security network design – Segmentation of networks; key components in a secure network, processes to prevent misconfiguration. Analysis of security (and non-security) logging – Network protocol analysis; Windows/Linux networking/logging analysis. Leading & Managing – Development of a team; conflict management; personal and community/team development; basic project and task/time management skills for a team. SIEM & IDS principles and techniques – Usage of SIEM (Splunk, Elastic, QRadar, etc.), generation & acquisition of business-useful data and strategy based on its output; rules & detections design; use case design, implementation, and review; performance monitoring (of the technical tooling); source selection & integration; traffic profiling; IDS & WAF capabilities; signatures and heuristics and their application/usage.
What’s in it for me? Training and development are major parts of what we offer our team. We need to provide us all with the best we can for the sake of supporting each other and offering internal and external training on a wide variety of topics is key to this. You’ll play a key role in forming a team of talented and enthusiastic Cyber Security professionals. You’ll be joining a growing team that will drive business change on a huge scale. You’ll have the opportunity to make your mark within the team, applying the skills, experience, and knowledge that you can fully realise here at THG. You’ll be working for a company with an excellent culture, in a friendly and fast paced environment. You’ll be able to react to change with backing from the business. Competitive salary Build solutions using the latest technology Work alongside genuine industry experts Continuous development through THG Academy, our in-house L&D team Staff discounts on THG brands and Hale Country Club On-site doctor, physio and barber
THG is proud to be a Disability Confident Committed employer. If you are invited to interview, please let us know if there are any reasonable adjustments we can make to the recruitment process that will enable you to perform to the best of your ability.