Information Security Engineer - Anywhere in the UK

IT/Information/Cyber Security
Ref: 117 Date Posted: Wednesday 11 May 2022
LinkedIn ShareShare
Company:           FTSE 100
Location:             Multiple locations across Europe

        3 x UK

        1 x Germany

        1 x France

        1 x Italy

        1 x Nordics

        1 x Benelux

        1 x Eastern Europe

Reports to           Regional Information Security Engineering Lead
Salary:                  £65,000
 
The Role
 
Background
 
Our organisation is in the process of maturing their Information Security services. A critical part of this is to accelerate the presence and capability of IT Security and Information Security within the core business units.
We have a requirement for a number of experienced Information and IT Security Engineers who can hit the ground running and drive progress across a wide range of Information Security Specialties; with a focus on mitigating and reducing the threat levels within the business.
You will be part of a network of Security Engineers supporting both local operations, IT and each other, using your specific expertise.
 
Summary of Requirements
  • Candidates will be responsible for working with colleagues from across the business and IT to deliver detection, protection and incident response for IT and Informational threats.
  • Candidates will be expected to provide advice and guidance to a range of information and cyber security projects. This will include documenting and recording requirements, architectures, solution designs and project priorities.
  • Candidates will be able to build trusted relationships at the local level within IT and the business as well as to liaise with counterparts around the wider group.
  • You will be part of a regional team that is expected to support all business activities across the region. This will include being present ‘on site’ on a regular basis. Visibility and the ability to build close working relationships with local IT and business contacts is a critical requirement.
 
Key Responsibilities
•             Ensure IT security systems, process and policies are in place locally and rectify any gaps.
•             Identify opportunities to improve local process and policy and act as a focal point for local advice on IT Security.
•             Act as a local / regional point of contact to detect and remediate cyber threats.
•             Following incident response undertake necessary investigations and problem management to ensure all remediations and learning is in place.
•             Proactively monitor and investigate all local cyber threats and communicate outputs to the wider team.
•             Act as a liaison to support and drive the central Information Security Awareness programmes.
•             Provide advice and guidance to local IT and users on IT Security.
•             Ensure process and policies are adhered to in order to maintain the status and versioning of all local systems.
•             Prepare and document standard operating procedures and protocols to support project outcomes as a local ambassador for IT and Information Security.
•             Participate in the local change management processes.
•             Where appropriate, establish and manage relations with vendors and related equipment suppliers.
•             Define security requirements and reviews systems to determine if they have been designed to comply with established security standards.
•             Understand local IT services and configurations ensuring vulnerabilities are managed.
•             Understand critical assets and data for local sites and work to ensure they are effectively protected.
 
Personal Attributes
•             Builds trusted relationships.
•             Demonstrates resilience over time, maintaining an up-beat and friendly attitude.
•             Delegates where appropriate, giving authority and responsibility to others.
•             Manages and handles conflict as a constructive force for change.
•             Involves all interested groups in the planning process to ensure their perspectives are incorporated.
•             Recognises and uses appropriate analytical tools to facilitate problem solving e.g. cost benefit analysis, risk assessment.
•             Understands the complexity of business decision-making and follows logical processes to ensure commercially viable solutions.
•             Ability to work on their own initiative, with minimal supervision and meet demanding milestones.
 
Competencies Expected
•             A knowledge of the Microsoft security stack
•             Expertise in deploying solutions towards a Zero Trust environment
•             Experience of working as part of a team and in actively contributing to overall team deliverables
•             Proficiency in a wide range of information security technologies including e-mail protection, active directory hardening, network hardening, firewall optimisation, data backup and restoration, end point security and so on
•             Hands on experience in IT Security Incident Response and investigation
•             Understanding and application of Cyber security frameworks e.g. NIST, ISO-27001 and Information Security Management System – ISMS would be beneficial
•             Experience of working in accredited environments
•             Possession of professional certifications and membership in professional associations is highly desirable (e.g. CISSP, ISO27000 certification, CISM, CEH, NCSC, CCP)
•             Recognised qualification in Project Management would be desirable (e.g. Prince 2 Practitioner, PMP)