The successful applicant will be responsible for the designing and implementing of enterprise class security solutions in large scale IT environments.
Responsibility for the design, integration and testing phases of the various work-stream deliverables.
Ownership of the security solutions and overall architecture for the IT Integration programme and InfoSec Roadmap
Areas of responsibility include
Design, implement and validate enterprise class security solutions to mitigate current and emerging threats
Ensuring operational resilience and alignment to recognised frameworks, regulatory requirements and the business and technology strategies
Deliver fully operational capabilities for all IT Integration security services
Advising and shaping security architecture best practices in an evolving IT environment.
Main escalation point for critical IT Integration issues requiring resolution or consultation through your line manager.
Provide advanced specialist support and advisory services as the Subject Matter Expert in all areas of IT Security including alignment of standards, frameworks and security with overall business and technology strategies.
Manage integration of security and IT solutions within the existing InfoSec framework (e.g. SOC, logging, Endpoint monitoring).
Manage demands for InfoSec support
Coordinate with the IT Risk Manager during targeted technical risk reviews and assessments of IT and cyber risks
Define cloud security architectures and internal systems
Develop IT security work-stream plans
Manage Ethical Hacking engagements
Deliver secure application architectures
Ensure Vulnerability Management analysis and treatment plans are appropriately managed.
There are many other facets to this superb role and these are covered on a very comprehensive job spec
To be considered for this role you will need to show experience in the following areas
Indepth experience working in a commercial IT function of which 5 years or more has been dedicated to an Information Security (InfoSec) role is essential
Delivering cyber security and technology risk reduction programmes / projects is essential
Documenting and reviewing security and IT designs to identify security risks and gaps is essential
Security threat /vulnerability management and remediation is essential
Implementing and managing security infrastructure such as firewalls, intrusion prevention systems (IPSs), DLP, web application firewalls (WAFs), endpoint protection, SIEM and log management technology is essential.
Cloud-based services and securing cloud architectures is essential
To be considered for this superb role please send your CV to me, Martin Warner, and I will get back to you as soon as possible