Cyber Security Engineer

Cyber Security Engineer

Location: Hybrid in Birmingham & Milton Keynes

Salary: Competitive based on experience

Role: Permanent

Are you a cybersecurity professional looking to make a significant impact in a dynamic and critical industry? We are recruiting for a leading distributor of electrical products, solutions, and related services. As a Cyber Security Engineer, you will play a pivotal role in safeguarding digital assets and ensuring the integrity of operations. You will be at the forefront of designing and implementing robust security measures, detecting and mitigating cyber threats, and maintaining compliance with industry standards. This is a hybrid role with visits to offices in Birmingham and Milton Keynes and the possibility of occasional travel.

Responsibilities

1. Be the technical lead for implementing cyber security related improvements to the networks at all sites.
2. Keep up to date with the latest security and technological developments.
3. Research/evaluate emerging cyber security threats and strategies to manage them.
4. Ensure the Opco's systems adhere to national and international legislation (Computer Misuse Act, UK and European GDPR, etc.), group policies and procedures.
5. Take ownership of any technical remediations or implementations required as part of the group cyber security dashboard and global vulnerability project.
6. Ensure that the group users know all local policies and procedures and that these are fully implemented.
7. Assist with planning and testing for cyber-related aspects of disaster recovery and create contingency plans in the event of any security breach.
8. Monitor for attacks, intrusions, and unusual, unauthorized, or illegal activity.
9. Regularly test and evaluate security products on the group's network.
10. Design new security systems or upgrade existing ones.
11. Collate and organize all documentation related to Cyber Security.
12. Working with the UK Information Security and Risk Management Officer, identify potential weaknesses and implement measures, such as firewalls and encryption.
13. Maintain an information security risk register and assist with internal and external audits relating to information security.
14. Prepare for and manage the Group security audit on an ad-hoc basis, ensuring systems for the group are compliant with group requirements.
15. Prepare for and manage annual Pen testing via external suppliers.
16. Liaise with the Infrastructure team to ensure systems are designed and implemented without breach of security policies and procedures.
17. Work closely with the team on technical remediations.

Skills required

1. Experience working in a technical cyber security role.
2. Previous experience of implementing ISO27001 or NIST framework.
3. Passion for Cyber Security and a keen interest in IT.
4. Excellent IT skills, including detailed knowledge of computer networks, operating systems, software, hardware, and security, including next-generation firewalls.
5. Understanding of the cyber security risks associated with various technologies and ways to manage them.
6. Previous experience working with Palo Alto, Microsoft Defender for Endpoint, Rapid 7, Tenable, and Illiumo would be advantageous.
7. Analytical and problem-solving skills to identify and assess risks, threats, patterns, and trends.
8. Excellent teamwork skills to collaborate with team members and management at both local and group levels.
9. Verbal communication skills, including presentation skills, with an ability to communicate with various technical and non-technical team members and other relevant individuals.
10. Written communication skills, such as writing technical reports and presentations.
11. Time management and organizational skills to manage various tasks and meet deadlines.
12. The ability to multitask and prioritize your workload to achieve business goals.
13. Excellent attention to detail.
14. An ability to work under pressure, particularly when dealing with threats and at times of high demand.
15. A flexible working approach, such as reacting to a cyberattack alert at night and being available "On-Call" as needed.