Information Security Engineer - Reading, United Kingdom - Constant Recruitment Ltd

Posted by: Tom O´Connor, beBee Recruiter


Description

  • Cyber Security
  • Information Security
Information Security Engineer
Reading
Up to £65k

The Information Security Engineer is responsible for defining, leading, and managing Information Security, governance, risk and compliance, and audit and assurance for the organisation.

Working closely with the IT Director and the business, the role will help develop an Information Security Strategy and Roadmap to protect the organisation from the increasing threat landscape.

Part of the role includes working with the IT Team to implement tools, processes, procedures and reporting systems that help control and mitigate against critical vulnerabilities.

Role and Responsibilities

  • Developing a clear strategy and roadmap for Information Security Management, together with an associated budget for implementation and annual development.
  • Assessing current technologies, both on-premise and cloud, for potential vulnerabilities, weaknesses and for possible upgrades and/or improvements.
  • Serving as a focal point of contact for the information security team within the organisation.
  • Identifying and implementing tools to help the organisation defend against security threats and vulnerabilities.
  • Leading and managing the organisation's security certifications, including ISO 27001, Cyber Essentials/Cyber Essentials Plus and NIST.
  • Developing and improving security policies, procedures, and reporting systems.
  • Assisting the IT Team with the monitoring of security events, their triage and remediation.
  • Overseeing information security audits carried out by third parties.
  • Providing information security awareness training to business colleagues.
  • Managing security team members and all other information security personnel as the company grows.
  • Developing and managing the organization's Risk Management System and escalating risks that are out of appetite.
  • Ensuring appropriate governance is in place to assure the Information Security Management System and Security Operations are adequately controlled and mitigated.
  • Developing and improving physical security, disaster recovery and data recovery systems.
  • Using the organisation's Vulnerability Management System to identify threats and vulnerabilities and to install critical security patches.
Qualifications and Education Requirements
Preferred Skills

  • Experience of leading ISO27001 certification and external audits in a complex operating environment.
  • Understanding of the NIST Framework and / or NIST assessments would be an advantage.
  • Knowledge and understanding of computer networks, operating systems (Windows, macOS and Linux), Azure and O365 would be an advantage.
  • Remaining up to date with the latest security trends.
