IT Security Specialist - Global Organisation - Leeds
Exciting Global Projects
Competitve Salary + Out-of-Town Location
About Our Client
The client are a multinational professional services company headquartered in Leeds. They specialise in programme management, project management, cost management and consulting across the property, infrastructure, and natural resources sectors.
- Maintaining and improving a Cyber Essentials Plus security standard.
- Co-ordinate, measure, and report on the technical aspects of security management.
- Fully participate in internal governance activities relating to Information Security.
- Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
- Identify security non-conformities - patching or re-configuring systems to resolve issues; and building and testing new security systems.
- Research and propose appropriate security solutions as deemed fit and beneficial.
- Design, co-ordinate, and manage security testing procedures to verify the security of systems, networks, and applications; and manage the remediation of identified risks.
- Recommend and co-ordinate the implementation of technical controls to support and enforce defined security policies.
- Manage the process of gathering, analysing, and assessing the current and future threat landscape - providing the IT Director with a realistic overview of risks and threats in the enterprise environment.
- Monitor and report on compliance with security policies, supporting the enforcement of policies within the IT department.
- Issues and exceptions processing and tracking.
- Technology Infrastructure Assessments for new, changed, and existing systems.
- Work with the infrastructure manager to develop a security program and security projects that address identified risks and business security requirements.
- Track issues and report to Head of IT.
- Define and develop security control designs including those required to support external regulations.
- Provide security communication, awareness, and training for broad range of stakeholders - ranging from senior executives through to on-the-ground field staff.
- Consult with IT & security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.
- Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk.
- Manage security projects and provide expert guidance on security matters for other IT projects.
- Research, evaluate, design, design, test, recommend, plan the implementation of new or updated information security hardware or software and analyse its impact on the existing environment.
- Provide technical and managerial expertise for the administration of security tools.
- Ensure audit trails, system logs, and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
In addition the role will include the opportunity to provide information security compliance consultancy to projects and operational teams, ensuring that the design of new systems infrastructure or applications are and remain compliant with security policies and standards from inception to production delivery.
Duties will vary periodically and be revised due to the nature of the IT support environment.
The Successful Applicant
You could come from an infrastructure/technical background, or have established yourself within a security policies & and processes background. The successful candidate will be an established IT professional with a comprehensive and demonstrable history of successful delivery of IT security projects.
Comfortable with a very fast pace of work - responsible for IT security compliance across a network of 104 offices worldwide, with 5000+ users - you will be a team-player with a can-do attitude looking for a career in a business with mutual investment of time and effort in development.
- Comprehensive experience including in-depth knowledge within a security analyst role supporting
global sites and regions.
- Excellent understanding of security testing principles, including experience of penetration testing,
identifying, resolving and reporting risks, Security Auditing, Forensics & Security architecture.
- Project ownership, from specification through solution selection, deployment and ongoing
- Experience of document creation, such as the creation of reports or procedures or technical
- Ability to engage with projects and provide information security awareness and to raise compliance
requirements across the business including within projects and operational teams.
- Experience of carrying out risk reviews, technology audits or other similar work.
- Technical security experience with the following - Microsoft core OS; Networking (WAN, LAN & Wifi);
- A good understanding of normal network infrastructure such as VPNs, firewalls, switches, routers,
- Experience within information security risk and compliance function.
- An understanding of enterprise information security and in depth knowledge of standards including
Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection
- Technical expertise of Cisco security products, specifically ASA firewalls, AnyConnect, VPN and
Core Behavioural Skills:
- Confident individual with the good interpersonal skills, able to deal with people at all levels and
communicate to users in a clear, non-technical language.
- Analytically minded, able to break down and understand information.
Must be comfortable with working in a fast-moving, dynamic environment.
- Strongly customer-focused, used to providing support to demanding users.
- Good organisational skills, used to managing and prioritising own workload.
- Ability to report on progress, timescales, outstanding and completed activities.
What's on Offer
This is a great opportunity to join a global company working on high-profile projects across the globe. You will join at the initial stages of a new dedicated IT Security team, and will be encouraged to dive straight into - and take ownership of - enterprise-wide projects which match your skills and specialisms.
There is a wage package available for the right candidate, and plenty of opportunity for career and skills development. The organisation is keen to invest in its staff, who maintain a professional hard-working atmosphere but also an active social calendar.