Information Security Engineer

£40000 - £48000 per annum
10 Oct 2017
20 Oct 2017
Contract Type
Full Time
Information Security Engineer - Permanent - Midlands - £good + benefits We are recruiting an Information Security Engineer to join a global Information Security Team, the team is responsible for ensuring all corporate information and systems are secure, fit for purpose and protected to an optimal level. You will be a `sign-off` participant for risk and security assessments for new projects and BAU growth. You will help drive the scrutiny, culture, strategy and adoption across the global operation. The role: - Day-to-day running and monitoring of Information Security systems - analyse and interpret outputs to identify security weaknesses and recommend continuous improvements - Respond to Security Incidents and alerts ensuring prompt containment and recovery - strong incident management skills - act as internal escalation point - Plan and oversee regular security penetration testing against new and existing services to identify weaknesses and formulate plans and processes to minimise risk - Own and update the Information Security Risk Register and produce Security KPIs - Creation and enforcement of Information Security Policies and Standards - Audit, risk and compliance reviews across the global business including third parties along with legal considerations for each region. - Consult on and implement security best practice in new and existing IT projects including third party supply chain. - Promote culture of `security by design` and facilitate appropriate activities to support and improve Information Security Awareness across the Group - Understanding of information security principles, including regulatory, legislative and industry practices. Update policy and processes accordingly - e.g. for GDPR - Articulate risk in technical and non-technical terminology so that it can be interpreted by Group IT and business stakeholders - Remain up-to-date with new data and privacy legislation as well as emerging security technologies and understand/translate their risk relevance to the environment. About you: - At least 3+ years` experience of working within an Information Security role - Good practical knowledge of GDPR (desirable) or data privacy by design - Proven ability to manage a variety of security software, systems and services e.g. e-mail filtering, AV, DLP etc along with an understanding of malware prevention, emerging threats, attacks and vulnerability management - A strong understanding of Information Security best practice for all elements including workstations, servers, networks and applications - Knowledge of Security Frameworks, i.e. Cyber Essentials, ISO 27001 - Ability to confidently perform security audits, both internal and external (e.g. third party and supplier assurance) and ensure strong recommendations are followed - Project Management skills - able to manage multiple projects - Experience of reviewing existing and new business processes to ensure Information Security best practice is enforced - Ability to remain calm under pressure and clearly communicate to all levels of management around the globe - Ability to prioritise, meet tight deadlines, has a sense of urgency and a high degree of confidentiality - Understanding of IT Service Management principles ideally ITIL. Position comes with a competitive salary, company pension scheme, medical insurance and other benefits. Our client also invests in its people and will support your continued career progression and development.
This job was originally posted as