Security Specialist with Risk Management - Cyber/CISSP/CISM
Recruiting immediately and on a contract basis, for a fantastic client in Maidenhead. This role forms part of the Risk and Security team, with Risk and Security being part of the wider Business Operations function. Responsible for managing Information Security, Business Risk Management, Business Continuity and Physical Security.
- Provide input and support into the management of security toolsets, including IDS and Log Management tools, ensuring that indications of malicious activity are identified, investigated and resolved.
- Identify, log, communicate and manage security weaknesses and risks throughout the business, working cross-functionally to remediate or control those risks.
- Implement and maintain a suite of security metrics to enable the effectiveness of the security strategy and operation to be measured and related security issues to be understood and managed.
- To provide and support an assurance process around our product pipeline from a security perspective - designing security features in and vulnerabilities out as part of product development.
- Recommend, develop, publish, implement and monitor security policy and procedures for the business taking into account legislation, business culture and risk.
- To manage the security processes that support the customer including carrying out day to day operational security requests
- Supports, advises and gives guidance to internal customers on security risk matters ensuring that risks and weaknesses throughout the business are correctly identified, prioritised, investigated and resolved
Knowledge and Experience
- A strong, technical understanding of information security and risk principles with an ability to recommend simple, straightforward solutions that are relevant to the organisation (experience of administration of Windows, Linux or Solaris- good to have)
- Good understanding of authentication and directory services like Active Directory
- Strong grasp of network technologies
- An inherent and effective ability to influence the security agenda across and up the organisation
- Effective relationship building and stakeholder management skills
- Key capability in managing change and coping with change
- An ability to remain calm under pressure and manage incidents to resolution
- Clear competence working within, across or leading virtual teams to a clear outcome
- Excellent skills in multi-tasking and managing priorities
- First class communication skills - we really need someone who can listen and absorb, talk and hold the attention of others and produce documentation that is simple, effective and concise
- An approach that is diligent and professional and that engenders trust with others
- Previous experience of auditing network infrastructure and achieving compliance to industry standards.
- Experience working in an environment where some (or all) security services are outsourced to a third-party
- Professional qualifications e.g. CISSP, CISM, CISA, CRISC (or a desire to achieve those)
- Involvement in security awareness campaigns within large organisations
In order to apply to the role, please email your most recent CV to Richard.Gallagher@projectpeople.com and your application will be considered.
Project People is acting as an Employment Business in relation to this vacancy.