Technical Security Specialist
Technical Security Specialist
The technical security specialist plays an integral role in assessing the organisation's security requirements from a project delivery and security posture improvement perspective, for Pinsent Masons. Reporting to the Security Architect, the successful role holder will be required to effectively translate business project deliverables to comply with Information Security frameworks and Programs Once translated the technical security specialist must be able to recommend technologies, processes and procedures to ensure alignment of projects to the Security frameworks adopted.
The technical security specialist is to work closely with the wider Information-Security departments and across the organisation; they must endeavour to nurture positive relationships with stakeholders within the business both locally and globally.
The roleholder will prioritise and develop the overall security requirements for projects emanating from PMO, IT, Finance and the wider organisation.
Main Duties and Responsibilities
* Track developments and changes in the business and threat environments to ensure that these are adequately addressed in all aspects of project deliverables.
* Be the SME (subject matter expert) to projects to provide advice on the appropriate security controls by negotiation, persuasion and excellent "soft skills" to influence and mitigate potential conflicts.
* Implement baseline security standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM) in both projects and ad-hoc requests.
* Liaise with the internal Information Security team and the Security Architect, to review and evaluate the design and operational effectiveness of security-related controls.
* Liaise / establish relationships with other business functions including, but not limited to IT, PMO, and regional (and international) departments.
* Liaise with other security practitioners to share best practices and insights.
* Working knowledge of privacy governance / statutory frameworks
* Identify risks, recommend mitigations and escalate as necessary.
* Desirable - Degree level candidate ideally in computer science, information systems, cybersecurity or a related field or experience thereof.
* Desirable - Experienced in project delivery from an Info-Sec / Security implementation perspective.
* Desirable - Experience in working on multiple projects concurrently within set timelines.
* Desirable - Consultancy background - customer facing (optional)
* Minimum of 5 years experience in a similar role.
* Ideally professionally qualified Isc, Isaca, Cisco, Microsoft etc.
Relevant Experience Required
* Five or more years of experience in disciplines below:
* Infrastructures - Lan/ Wan / Remote Access / Data Centres / Telco / VPN technologies
* On-Premise and Cloud based (Iaas, PaaS and SaaS) infrastructures.
* Operating systems : Microsoft and Linux / Unix,
* Storage and Virtualization.
* IAM technologies and services (e.g., Active Directory, LDAP, IAM)
* Security implementation experience in an enterprise IT environment
* Legal and Jurisdictional frameworks governing Privacy and data management / handling.
* Desirable - ITIL and Change Board submissions.
We look foward to your applications.