Information Security Specialist - Cumbernauld, United Kingdom - William Grant & Sons

William Grant & Sons

Verified Company

Cumbernauld, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job Introduction:

Are you an Information Security Specialist who can work as part of a proactive team to prevent and react to security risks? Would you like to contribute to the continued success of the largest family-owned Whisky distillery in the Scotland, responsible for iconic brands including: Glenfiddich, The Balvenie, Hendricks Gin, and Reyka Vodka?

Main Responsibility:

As an Information Security specialist, you'll be at the heart of our Group Technology Services team, who ensure that William Grants & Sons have good practices and controls in place to protect our information and information systems.

Using your experience and knowledge, you will engage with technical and non-technical stakeholders across the business to ensure that security risks are identified and managed in accordance with our Information Security policies.

Policy and Compliance

Develop and enforce information security policies and procedures.
Ensure compliance with relevant regulations and industry best practices.

Risk Assessment and Mitigation

Conduct risk assessments to identify potential vulnerabilities and threats.
Implement measures to mitigate identified risks and improve overall security posture.

Security Awareness and Training

Provide security awareness training to staff and promote a securityconscious culture.
Stay current with industry trends and emerging threats to continually enhance security protocols.

Security Audits and Testing

Conduct regular security audits and vulnerability assessments.
Perform penetration testing to identify and address potential weaknesses in the system.

Collaboration and Communication

Collaborate with IT and crossfunctional teams to integrate security measures into projects and daily operations.
Communicate effectively with stakeholders, keeping them informed of security risks and mitigation strategies.

Information Security Project Engagement

Engage with technical and nontechnical projects to ensure that Information Security requirements are identified and met.
Identify project risks and escalate where appropriate.

Risk Management

Identify risks which come as a result of audits and engagement and where there is a noncompliance to the Information Security policies.
Ensure that Information Security risks are managed and successfully tracked through to remediation working with the GTS Risk Manager.

Third Party Assurance

Experience in vetting third parties to ensure that they meet William Grant & Sons Information Security expectations.
Able to identify and interpret when third party assurance activities are required and feed into other processes such as DPIA's and risk assessments.
Degree qualified in cyber security, computing science or relevant work experience in an IT or information security related role.
Skilled in one or more of the following
Microsoft Office 365 configuration & troubleshooting
Microsoft Office 365 Advanced Threat Protection
Microsoft Windows Advanced Threat Protection
Microsoft Active Directory
Cisco internetworking including routers, switches and ASA series firewalls.
Strong understanding of TCP/IP internetworking and troubleshooting
Interpretation and Handling of Penetration Testing Exercises and Findings Experience of Windows 10 enterprise deployment and support, including appropriate support tools.
Able to demonstrate a good understanding of common information security vulnerabilities, threats and controls.
Experience in working with an Information Security policy framework and awareness of one or more of the more relevant Information Security frameworks such as NIST SP80053, ISO27001 or CIS.
CISSP, CISM, CRISC or other relevant security qualification desirable Comfortable with dealing with stakeholders at all levels within the business.
Experienced in Information Security project engagement.
Understands and can interpret Information Security policies and