Technical Security Specialist

Job Description

Technical Security SpecialistRole OverviewWe have a fantastic opportunity for a Technical Security Specialist to join our Information Security department. The successful candidate willgiveadvice and guidance on the application of security and governance frameworks, policies, best practice, andsecurity knowledge transfer to strengthen our security posture, based on the Business and Information Security strategies.The Technical Security Specialist will work closely with the wider Information Security departmentand across the organisation. They will endeavour to nurture professional relationships with internal stakeholders both locally and globally throughout thebusiness and be proactive in promoting security best practices against a balance of business opportunities and risk.Main duties and responsibilitieswill include:

• Working with the Commercial Procurement Team to advise on security artifacts which need to be contractually captured and agreed when purchasing products and services.
• Workingwith and advise project managers, on the secure implementation of controls for product and /or services.
• Advisingon security controls applicable to the relevant Operational, Administrative and Maintenance (OAM) framework on any technical delivery.
• Commission vulnerability and penetration testing (where appropriate) through to remediation and handover to BAU.
• Advisingon the correct approach to decommissioning of product and services when approaching (EOL).
• Promotingthe concept of working groups to foster collaboration with differing stakeholders, departments, and subject matter experts.
• Working with differing departments to improve the security posture as highlighted in the azure portal (Defender for Cloud), to a satisfactory level.
• Promotingthe role and become recognised as the business technical security SME for Cyber.
• Monitoring industry trends, products & services and submit white papers for any gaps in the current or future security environment which may aid PM.
• Promotingand assisting to deliver the INFOSEC security strategy.
• Advisingon the application of security controls within the following environments: Office 365, MS Azure, third party Cloud providers, SaaS (Software as a Service) services, on-premises services & infrastructures, IoT (Internet of Things).

Candidate OverviewFormal security qualifications will be a big plus, but experience and expertise are what were looking for. If you are the right candidate for us,you will have demonstrable experience in the following:

• (Mandatory) In-depth understanding of Cyber Security risks associated with various technologies (Cloud, on-premises, Mobile, Lan/ Wan, Remote Access, Data Centres, Telco, VPN technologies) and controls to mitigate them.
• (Mandatory) Security Fundamentals including OWASP top 10, API, PKI, MFA.
• (Mandatory) application of Azure (AZ-500).
• (Mandatory) application of O365 security & controls (MS-500).
• (Mandatory) Vulnerability Management and remediationVulnerability Life Cycle from identification to remediation.
• (Mandatory) Understanding of any of the following Defence-in-depth, Perimeter Security, Network Security, Endpoint Security, Email Security, Advanced Threat Prevention, Protection Monitoring, Access Control etc.
• (Mandatory) O365 security & controls (MS-500).
• Desirable - ITIL and Change Board submissions.
• Desirable Identity & Access management tools.
• Desirable Cisco / networking.
• Desirable Operating systems: Microsoft and Linux / Unix.
• Desirable Storage and Virtualization.
• Desirable IAM technologies and services (e.g., Active Directory, LDAP, IAM)
• Desirable Understanding of DLP Data Loss Prevention.
• Desirable Emerging Threats and attack vectors.
• Desirable Security implementation experience in an enterprise IT environment.
• Desirable Legal and Jurisdictional frameworks governing Privacy and data management/handling.

Our Benefits

Agile working i.e. the opportunity to work from home, subject to diary commitments;

25 days annual leave entitlement and the opportunity to purchase or roll over 5 days;

Contributory pension of up to 5%;

Private healthcare;

Death in service cover (4 x base salary);Eligibility to apply for an interest free season ticket loan, an interest fre