Information Security Professional - Global Consultancy - REF 1017

25 days + BH, Life, health, child vouch, gym membership, pension, buy/sell leave

Additional Benefits:

Health plan, positive place of work; monthly socials, Xmas Party + Summer BBQ

Region: West Yorkshire

A leading capital programmes professional service provider who has grown their company on a global scale to over 8000 employees in over 100 offices across 40+ countries. An organisation with a clear vision of what they want to achieve and one that recognises that employees are the key to future growth. They invest heavily in training, development, and regularly appraise their employees.

We are looking to recruit an Information Security professional to join an existing Information Security team. The role will see the successful applicant working with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure.

As a member of the IT Security team, you will review all aspects of the IT environment and its components. This role shall be responsible for supporting and maintaining enterprise-wide solutions. The successful candidate will be required to proactively improve and provide advice and guidance on information security matters.

This is an excellent opportunity for candidates who have a strong understanding of IT infrastructure and/or information security within a fast-paced environment. SOX control responsibilities may be part of this role.

Key Duties and Responsibilities:

• Assist with security incident management and response activities.
• General day-to-day support on managing and responding to security alerts from systems and end users.
• Perform daily, weekly, and monthly security checks, reconciliation and compliance checks and investigate exceptions.
• Completing client security requirement questionnaires and support the bidding process.
• Identify and raise awareness of security risks.
• Develop and enhance security policies, processes, procedures, and technical controls to enhance security capabilities and resilience to cyber threats.
• Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen resilience to cyber-attacks and security incidents.
• Participate in the design and implementation of systems and applications.
• Develop user and technical training guides.
• Maintain and manage the IT Risk register.
• Test DR plans and capabilities to ensure they work as designed, identifying gaps and lessons learnt and work with the business to drive continual development and enhancement.

Experience & Skills Requirements:

• Two years hands-on experience of security and/or infrastructure within an enterprise environment.
• Exposure to enterprise information security standards including Cyber Essentials, ISO 27001, 27002 etc., Data Protection Act, and the General Data Protection Regulation.
• Microsoft O365 Security solutions; Networking; Security operations; Vulnerability Management; Security Auditing.
• Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks.
• Experience of formal document creation, such as the creation of reports or procedures.

Detailed knowledge of:

• Threat Intelligence analysis and best practice.
• Security Incident Response processes, procedures, and best practices.
• Disaster Recovery and Business Continuity principles.