Job Description Summary
As an experienced Cyber Security Specialist with significant DevOps and infrastructure experience, you will be responsible for providing both the hands-on technical and operational expertise in the use of tools, processes, policies and protocols to enhance our security posture throughout the organisation, attain ISO27001 and other accreditations, and engage in risk identification and mitigation activities with internal and external project teams alike.
This is your role:
- Ensure cyber security within the business by designing and deploying security policies, principles and practices
- Develop our IT processes and procedures to attain ISO27001 accreditation
- Investigate existing solutions to ensure they meet all recommended security standards and recommend remediation activities where required
- Work with the IT Manager and the development teams to develop a strategic security vision
- Specification and implementation of technical solutions and infrastructure technologies to meet business requirements and growth plans
- Research and develop new ideas and technologies to ensure data protection and cyber security
- Identify cyber threats and network attacks from internal and external sources while also utilising processes and technologies to detect and prevent malicious attacks.
- Manage 3rd party suppliers and vendor relationships, assisting with business continuity planning and ensuring IT Disaster recovery is designed, planned and tested for all security services.
- Play a prominent role in the growth, development and reputation of the business
- Present information to senior management in a concise and relatable way in order to support decision making on Cyber Security strategy
- Perform internal and 3rd party audits, reporting on and actioning any gaps in line with ISO standards
- Organise and facilitate penetration testing of our business, infrastructure and products
- Provide security training to various levels of the business
- Ensure relevant technical requirements are achieved for successful product launches
- Track and report progress to senior management on the variety of initiatives underway
What we are looking for:
- Degree and/or multiple qualifications of significance in IT or related disciplines - must be able to provide proof of continued learning for evolving technologies and solutions;
- One or more industry certifications such as CISSP, CISM, SSCP, Security+, some technology specific certifications such as AWS Partner Accreditation, perhaps a related qualification from ITIBGQ.
- A solid understanding of managing cloud hosting platforms, with experience managing and securing these both internally, and with partners.
- Experience of operating system and network security in physical, virtual, and cloud-based environments - good understanding of network security technologies and processes in general
- Experience of analysing both industry-wide productivity products and development-specific tooling
- Familiarity with industry security standards and frameworks including ISO27001
- Awareness of the current and emerging security threats and of systems and methods to counter them
- Tenacious problem solver with a drive to achieve excellence
- Expert troubleshooting & diagnostic skills
- Experience of incident management software
- Experience managing service desk and/or supporting end users is desired, but technical experience outweighs this
- Excellent communication, interpersonal and presentation skills.
- Capable of working with multidisciplinary global teams with strong organization skills.
- Flexible approach and willing to work extended hours as and when required by the business needs.Capable of working with multi-disciplinary global teams with strong organization skills.
- Proficient user of MS Office systems
- Flexible approach and willing to work extended hours as and when required by the business needs and ability to travel when required.
Location: We're looking for someone to join the team in Edinburgh, UK, but you could also be located in or around Prague, in Czechia. The expectation is to be in the office at various stages throughout the various project lifecycles to aid in collaboration, however remote working can be expected at times, and can be considered the primary working location for the right candidate.
Should you meet the requirements and be interested in applying, kindly send your updated CV
Permanent, Full Time
- Industry Sector Other