- BBBH790368 Sep 28, 2021 Competitive
You will assist in the design and implementation development of systems, standards, processes and procedures to drive security best practices, including NIST and Mitre Attack Frameworks.
Job Title: IT Security Architect
Reports to: Cyber Security Operations Manager
To support the IT Security team in implementing and maintaining a best practice Information Security Management System, working with IT Security and the wider IT team to develop the maturity of IT and Cyber Security.
This role will assist in the design and implementation development of systems, standards, processes and procedures to drive security best practices, including the NIST Framework, the Mitre Attack Framework, ISO27001, and GDPR, ensuring that these practices deliver a class-leading control environment across IT and the wider business.
The role includes delivering key projects in our Cyber Security strategy, supporting our Security Operations Centre capabilities for IT and cyber incidents across the business, and advising on the design and implementation of IT systems and services.
- Support the development of our overall Information Security Management System (ISMS) to help ensure delivery of an Information Security strategy that supports business goals while minimising IT, legal and regulatory compliance risks
- Act as a technical IT Security Subject Matter Expert, advising business and IT stakeholders on Information Security policies and assist in the development of technical solutions to implement policy while meeting business needs
- Support the Cyber Operations Manager by
- Managing day-to-day operations, monitoring the SIEM (Security Information and Event Monitoring) platform, and acting as 'first responder' contact and lead analyst for the Security Operations Centre
- Assuming the role of Incident Manager / CIRT lead as required, and ensure that procedures are adhered to, incidents are managed appropriately and consistently, and are reported in a timely manner
- Managing the IT Security vulnerability scanning, reporting and remediation processes, including liaison with IT systems owners in IT and across the business
- Support the Information Security Manager by performing technical IT Security controls reviews to test and monitor compliance with Information Security policies and IT related policies and standards, and tracking remedial actions
- Support IT Architecture in implementing our Security by Design policy, acting as a consultant and advisor to IT and business projects, delivering on design criteria and IT Security requirements to enable Security by Design
- Support the Data Protection Officer in implementing our Privacy by Design policy, acting as a consultant and advisor to IT and business projects, delivering on design criteria and IT Security controls to enable Privacy by Design
- Assist the IT Security team in managing our IT and Cyber Security Risk profile - assess, evaluate and document IT Risk on an ongoing basis
- Assist the IT Security team in delivering our Information Security and Privacy Awareness plans by delivering training and awareness campaigns on IT Security policies and principles for technical teams across IT and the business
Knowledge, Skills and Experience:
- In excess of 5 years' experience in IT and / or IT Security in a technical IT role - preferably with exposure to a range of IT roles, including some or all of the following: IT administration, systems implementation, project management etc
- Experience of working in a dynamic environment - both technical and business in a demanding environment delivering 24/7/365 services to customers.
- Knowledge of systems implementation and management, including configuration of access controls, security settings, patching, change management etc.
- IT and Cyber Security technologies and capabilities - incident response, threat assessment, malware handling and containment, analysing and investigating Indicators of Compromise (IoCs)
- Exposure to some or all of the following: malware protection, firewalls and IDS / IPS, systems administration, client Operating Systems knowledge; Virtualization experience; Vulnerability Management, Security Information and Event Management tools
- Knowledge of risk management, developing, implementing, and tracking mitigation and remediation actions
- Experience in developing security awareness and training programmes across diverse channels in a challenging and busy environment
- Project management and delivery of new systems and services, including exposure to procurement processes
- Communications and presentation skills - stakeholder management and communications, with ability to write reports and presentations and experience delivering to both technical and non-technical audiences.
For more information contact Sarah on email@example.com
Morgan McKinley is acting as an Employment Agency and references to pay rates are indicative.
BY APPLYING FOR THIS ROLE YOU ARE AGREEING TO OUR TERMS OF SERVICE WHICH TOGETHER WITH OUR PRIVACY STATEMENT GOVERN YOUR USE OF MORGAN MCKINLEY SERVICES.
Consultant | IT Recruitment
353 (0) 1 4321555