Your new company
A company providing world-class and pioneering research who promotes a culture of equity, diversity and inclusion, preparing its students for a bright and promising future.

Your new role
The role will involve protecting and educating employees and ensuring security by design is implemented within all applicable laws and regulations. You will contribute to the operation and improvement of the IT Security standards, procedures and policies which comprise the company’s Information Security Management Systems.

You will work with security enforcing systems across the client’s IT Services environment. This includes Security related service management processes (security incident, change and problem management). Additionally, you will liaise with and educate IT services staff to ensure that the appropriate technical solutions are in place, and that these are rigorously tested and reviewed; and with the wider company to promote adherence to policies and appropriate behaviour in the use of IT.

You will maintain awareness of developing technologies, assess the impact on existing systems architecture, and further develop their knowledge and professional practice. Working with employees, IT Services, all company business units and external vendors and agencies, you will ensure the company is protected.

What you'll need to succeed
You will need experience with Security Incident response, Disaster Recovery and ITIL processes, as well as a strong understanding of IT and Information Security policies, processes and standards. You will be confident with Security Incident and Event Management (SIEM), and be able to swiftly identify, analyse and manage risk, whilst managing firewalls and Cisco networking devices, and/or analysis of network traffic information, and web server logs.

You will need to be proficient with Microsoft Windows and Apple OSx, and competent using Remote Access (VMWare, VPN) and vulnerability assessment tools. You will contribute to the development of the IT Security Policy Framework, promoting good security practises through analysis and assessment of the current threat landscape.

You will be familiar with Cloud Security (SaaS, PaaS, IaaS, etc.) and be able to assess cloud hosted solutions, as well as use and improve policies in anti-virus, email/web filters and other security enforcing tools, while maintaining Endpoint and content protection systems. Any security weaknesses will be clearly communicated to stakeholders.

Understanding applicable legislation (GDPR, PCI-DSS, ISO27001, ISO27002 Regulation of investigatory powers, FOI Act, Computer Misuse Act, Jisc Terms and Conditions etc) will be essential.

Specialist knowledge/qualifications

• Degree (or equivalent) in a related information technology subject area or substantial relevant experience, or
• Working towards or obtained recognised system security accreditation such GSEC, Sec+, CSX, CSTA, CCSP, CWSA etc, or willingness to do so.

What you need to do now
If you are interested in this role, forward an up-to-date copy of your CV, or contact me.