Information Security Engineer - Reading, United Kingdom - Constant Recruitment Ltd
Description
- Cyber Security
- Information Security
Reading
Up to £65k
The Information Security Engineer is responsible for defining, leading, and managing Information Security, governance, risk and compliance, and audit and assurance for the organisation.
Working closely with the IT Director and the business, the role will help develop an Information Security Strategy and Roadmap to protect the organisation from the increasing threat landscape.
Part of the role includes working with the IT Team to implement tools, processes, procedures and reporting systems that help control and mitigate against critical vulnerabilities.
Role and Responsibilities
- Developing a clear strategy and roadmap for Information Security Management, together with an associated budget for implementation and annual development.
- Assessing current technologies, both on-premise and cloud, for potential vulnerabilities, weaknesses and for possible upgrades and/or improvements.
- Serving as a focal point of contact for the information security team within the organisation.
- Identifying and implementing tools to help the organisation defend against security threats and vulnerabilities.
- Leading and managing the organisation's security certifications, including ISO 27001, Cyber Essentials/Cyber Essentials Plus and NIST.
- Developing and improving security policies, procedures, and reporting systems.
- Assisting the IT Team with the monitoring of security events, their triage and remediation.
- Overseeing information security audits carried out by third parties.
- Providing information security awareness training to business colleagues.
- Managing security team members and all other information security personnel as the company grows.
- Developing and managing the organization's Risk Management System and escalating risks that are out of appetite.
- Ensuring appropriate governance is in place to assure the Information Security Management System and Security Operations are adequately controlled and mitigated.
- Developing and improving physical security, disaster recovery and data recovery systems.
- Using the organisation's Vulnerability Management System to identify threats and vulnerabilities and to install critical security patches.
Preferred Skills
- Experience of leading ISO27001 certification and external audits in a complex operating environment.
- Understanding of the NIST Framework and / or NIST assessments would be an advantage.
- Knowledge and understanding of computer networks, operating systems (Windows, macOS and Linux), Azure and O365 would be an advantage.
- Remaining up to date with the latest security trends.