Cyber Security Specialist

Job Description

Job title: Cyber Security Specialist

Company: Planet Recruitment

Job description: IT Cyber Security specialist
Kidlington
£50k
Benefits:
*
Global organisation committed to accelerating an efficient, electric, decarbonised future

• Agile working environment
• Competitive salaries
• Williams Advanced Engineering bonus scheme (dependent on results)
• 26 days holiday plus 8 public holidays (9 for 2022)
• Early finish at 3.30pm on a Friday (providing standard 40 hour week is covered)
• Pension: 4% and 8% employers contribution, increases with service after 3 years (increasing to and 10% after 3 years service
• Group Life Assurance: no cost to employee, 4 x salary for designated dependents, top up to max 10 x salary in first 30 days
• Group Income Protection: pays up to 70% salary, up to 5 years
• Health Cash Plan: covering Optical, Dental, Physio/Osteo/Chiro, 24/7 GP plus prescriptions
• Buy and sell holiday options

Employee Assistance Programme: professional advice, counselling, financial, legal

• Private Medical Insurance: free at the basic level – P11D benefit
• TEDS Nursery vouchers salary sacrifice scheme
• Occupational Health support
• Free on site gym membership including full range of classes
• On site restaurant
• Employee charity support initiative
• Salary sacrifice Electric Car Scheme
• Workwear
• Employee training system
• Complementary fresh fruit

An opportunity has arisen for IT Cyber Security Specialist to join our IT team in a rapidly expanding and exciting work environment. Purpose of the role is to be responsible for overseeing information security, cyber security and ICT risk management programs based on industry-accepted information security and risk management frameworks. This includes identifying and mitigating security risks, responding to security incidents, conducting security audits and providing the IT roadmap to relevant industry standard accreditations, e.g. Cyber Essentials/Cyber Essentials+, ISO27001 or NIST.

Job role:

• Coordinate the continuous development, implementation and updating of cyber security and privacy policies, standards, guidelines, baselines, controls, processes and procedures in compliance with relevant regulations and standards for information systems.
• Develop and manage the frameworks, processes, tools and consultancy required to manage IT Cyber & Information Security risks and to make risk-based decisions related to IT activities.
• Proactively identifying and mitigating security risks and vulnerabilities through continuous assessment internally and working with external 3rd party auditors to conduct periodic reviews.
• Proactively identifying and mitigating IT risks as well as responding to observations identified by third-party auditors or examiners while assisting in developing periodic reports and dashboards presenting the level of controls compliance and current IT risk posture.
• Develop a framework for cyber security controls relating to Operational Technology infrastructure for manufacturing.
• Assist IT managers and staff with the audits and facilitate management response and remediation efforts.
• Ensure overall IT compliance with regulatory requirements through proactive planning, communication, ownership, and relationships with key stakeholders.
• Identify acceptable levels of residual risk and assist with action plans, policy and procedural changes for risk mitigation. Provide strategic recommendations to key IT projects to help improve project results, quality of deliverables, risk optimisation, security processes and compliance with regulations.
• Facilitate cyber security, information security management and regulatory (as required) training for all employees.
• Support internal investigations, prepare written findings and recommendations, and carry out follow-up activities.
• Coordinate Information Security Incident response activities, manage reporting for events and/or exploited vulnerabilities, including unauthorised system or network access, denial of service, inappropriate data access, data corruption, and/or collection of private or confidential information.
• IT point of contact for disputes, requests for exceptions and complaints regarding business-wide information systems security policies, practices and related issues, supported by the IT Management Team.
• Work as a liaison for external bodies requiring information and reports on IT security incidents.
• Create and maintain all relevant Cyber and Information Security documentation and procedures.
• Stay up-to-date on the latest security threats and technologies
• Work with other IT staff and business stakeholders to ensure the security of the company’s information assets
• Contribute to solutions developed by Operations & Infrastructure, Applications and Service Delivery teams to ensure cyber security controls and principles and maintained and upheld at all times.
• Contribute to the IT Service Catalogue.
• Be a member of the IT Change Advisory Board and IT Incident Management and Response team.
• Support the Out Of Hours Incident Management process for cyber security incidents
• Work within the ITIL aligned IT management framework as lead by Head of IT
• Own additional IT Processes as identified/required.

You’ll have:

• Experience in a similar/IT related role – Essential
• Experience working within a Microsoft enterprise environment – Essential
• Knowledge of IT processes and controls and excellent understanding of risk and control frameworks e.g. CoBIT, ISO, NCSC, NIST and ITIL. – Essential
• Possess Certified Information Systems Security Professional (CISSP) or other information systems security certifications – Desirable
• An excellent understanding of information security regulatory requirements and standards such as ISO 27001/2, Cyber Essentials/Cyber Essentials Plus, SANS top 20, NIST SP-800-53 – Essential
• Understanding of ISO21434, TISAX and other related automotive standards – Desirable
• Good practical knowledge of security technologies and wider business solutions, including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies – Essential
• An excellent understanding of legislation and regulations that impact information Security, E.g., Data Protection Act (2018).
• A good understanding of Application Security threats and countermeasures.
• A degree level education in an IT or related technical discipline (e.g. Engineering) – Desirable
• A team player used to learning new skills & taking on new challenges – Essential
• ITIL Foundation Qualified – Desirable
• A friendly and approachable disposition – Essential

We’ll provide:

• Training to add to your existing skills and accelerate your career
• A supportive and empowering work environment

Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information.

Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application.

Please note that no terminology in this advert is intended to discriminate on the grounds of a person’s gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.

Job Information

Job Reference: AW000266_1699622093

Salary: £45000 – £50000 per annum

Salary From: £45000

Salary To: £50000

Job Industries: IT

Job Locations: Kidlington, Oxfordshire

Job Types: Permanent

Expected salary: £45000 per year

Location: Kidlington, Oxfordshire

Job date: Sun, 12 Nov 2023 08:17:19 GMT

Apply for the job now!