Job Title Security Specialist
Job Location – Reading, Berkshire
- Build and run the company’s network monitoring capabilities.
- Ensure the best use of cyber security tools to protect the company, the customers, partners and systems from cyber-attacks and security incidents
- Monitor security vulnerabilities and threats in network and host systems
- Liaise and collaborate with key stakeholders in relation to IT security threats
- Develop strategies to handle security incidents and trigger investigations
- Implement an effective process for the reporting of security incidents
- Responsible for creating and maintaining security incident response plans
- Responsible for creating and maintaining IT Business Continuity Plans
- Oversee the investigation of reported security breaches
- Keep abreast with the latest regulations and compliance requirements
- Champion and educate the organisation on the latest security strategies and technologies
- Conduct continuous assessment of current IT security practices and systems and identify areas for improvement
- Track latest IT security innovations and keeping abreast of latest cyber security technologies
- Deliver new security technology approaches and implement next generation solutions
- Create and implement a strategy for the deployment of information security technologies
- Ensuring Security and Privacy Impact Assessments are carried out at design stage
- Develop security tests for coding, and to carry out code security reviews
- Contribute towards ISO, DPP, and other relevant accreditation
- Maintain up to date knowledge and an awareness of security trends, keeping abreast of new risks, through self-education and attendance to industry seminars, to ensure ongoing security risk analysis and the implementation of technical systems and procedures to minimise risk
- Liaise with clients and potential clients to confidently articulate and demonstrate our security capabilities
- To attend IT security conferences or events for information gathering for presenting and sharing internally
- To sit on internal security board meetings and customer meetings
Knowledge and Experience
- You will be expected to hit the ground running in a fast-paced environment with a growing workload, and have a high enough skill set to solve problems and find solutions with minimal hand holding
- Experience working with fast data processing workflows including environment and deployment models, ingest data pipelines, security, and infrastructure.
- Skills in monitoring and configuring a range of security tools and determining the best course of action when they alert us that we need to take action.
- A thorough understanding of cyber security and cyber-crime, including the key threats and the tools used to protect an organisation from them.
- A track record of responding to a range of cyber security incidents in a calm and consistent manner.
- Previous experience of cyber investigations and of internet topology and artifacts that can be used to identify attackers and the methods they use.
- A proven cyber and information security background, ideally in financial services.
- Exceptional communications skills, with the ability to translate complex technical concepts into everyday language.
- CISM, CISSP, CEH or other cyber related qualification or training
- You will be an existing participant and regular attendee of technical/security industry events
- Change management and business process experience
- Proven track record of driving change programmes
- Excellent knowledge of general security risks, at both technical and business level
- Technical understanding, of Firewalls, Routers, VPN’s, Penetration Testing, Server Hardening, User Access Rights.
- Knowledge of all layers of security; Perimeter, Network, Application, Data, Operations, Policies, Monitoring and Response.
- Provide to the business the security architecture experience needed in order to advise and ensure appropriate development and deployment of new products, services and environments
- Manage and create IT Operations processes and Control activities across the business to ensure alignment with business priorities and engender continuous improvement.