Information Security Engineer
Role purpose
To develop the technology infrastructure to safeguard any privileged or proprietary information that the business possesses; to work with the Information Security Manager to provide guidance for the formation security needs
Role Responsibilities
- Evaluate and securely configure systems in line with best security practices:
- Endpoints;
- Network security devices such as firewalls and switches;
- Cloud environments e.g., Azure and Office 365;
- Cyber security products and solutions e.g., Mobile Device Management (MDM) and anti-malware solutions;
- Manage access control, endpoint, network, cloud and email security;
- Develop security reports.
- Pro-actively monitor and remediate security alerts.
- Execute the investigation of security breaches or potential breaches and assist with disciplinary and legal matters associated with such violations.
- Engage in promoting and refining the corporate security awareness and training program.
- Prepare reports and management information regarding the state and effectiveness of security controls.
- Understand potential and emerging information security threats, vulnerabilities, and communicate this information to appropriate team members throughout the company on a timely basis.
- Maintain and contribute to comprehensive information security standards, policies, procedures, and guidelines.
- Maintain awareness of security trends, technologies, legal and compliance requirements.
- Engage and support outside consultants as appropriate for security audits.
Experience
- Technical IT and cyber security skills, including endpoint, network and cloud
- Broad technical experience of a range of cyber security products and solutions
- Technical troubleshooting and engineering skills
- Sound organisational skills and excellent attention to detail
- Excellent verbal and written communication skills, and collaborative approach to work
- Able to 'own' technical tasks and challenges and see them through to a swift and complete conclusion
- Experience of working within a regulated industry (such as insurance or banking) is desirable
- Experience of working within a Cyber Essentials / IASME Gold / ISO27001 certified environment is desirable, but not essential