Browse by first letter of the job description
Please help us to keep this site free by liking us on Facebook. Click on the Facebook logo and click `like`-thanks
"The database of free job descriptions"
The primary focus being to ensure that services user information, is protected, in accordance with the needs of the business and according to Information Security principles of availability, integrity and confidentiality.
Essentials of the role:
Demonstrable experience in technology security related roles, with demonstrable experience
of identifying and managing information security risks in complex or critical scenarios
Understanding of Intrusion Theory and Practice
Understanding of enterprise IT infrastructure and architectures
Demonstrable understanding of information security detection and protection methodologies
Experience of assisting technical users with identification of information threats/vulnerabilities/risks
Understanding of a wide range of information security related topics and industry standards,
including ISO27001 and ITIL.
Ability to review complex information systems, identify risks and recommend appropriate,
pragmatic (and cost effective) solutions to mitigate those risks.
Highly effective and creative problem-solving skills
Ability to convey and explain complex technical information to technical staff
Ability to communicate and collaborate at all technical levels of the corporation, and externally
Demonstrable experience of writing technical reports, documentation and standards
accurately and to designated timescales
Excellent written and verbal communication and presentation skills
Confidence to make decisions where appropriate and to ask for assistance when necessary
Ability to manage multiple tasks and work streams effectively and prioritise accordingly
Be able to work on own initiative with minimal supervision
Additional Desirables for Role
Web application and API development and architectural experience
Consumer facing internet Identity Management
Unix / Linux security and/or administration understanding, especially Red Hat/CentOS
Windows / active directory security understanding and experience
Virtualized environments security and/or administration experience
Cloud security concepts and solutions understanding such as AWS, and Azure
Experience of ensuring security in agile/iterative development.
Experience of working in an organisation with a distributed hierarchy and using multiple
outsourced support companies
Technical understanding and experience of enterprise network management and monitoring
Background in formal study of information technology, information security or technical
Understanding of how information security strategy aligns with business and technology
Advanced degree in Information security preferred but not essential.
Formal certification in Information security preferred but not essential.
Free Job description Information Security Technical Specialist
To be embedded within major programmes of work and become the acknowledged Information Security SME for the development
Assist in the shaping, planning and implementation of programmes (and associated projects) of work that form part of the company roadmaps Collaborate on projects in the Information Security improvement programme to provide
consultancy and assistance as required
Technical Risk Assessment
Conduct security risk assessments of complex infrastructure programmes and projects
Prioritize work in accordance with the potential risk profile of the projects at hand
Lead and undertake reviews of new programme initiatives and ensure that formal risk assessments are carried out as necessary
Make recommendations to project teams, sponsors and senior management with regard to identified Information Security risks
Represent Information Security as SME at Programme governance meetings
Ensure all relevant documentation is reviewed and feedback provided
Lead on the business relationship between Programmes and the wider Information Security team.
Build, manage and maintain relationships as the SME with all personnel at all levels within allocated Programmes
Ensure that Information Security policies and related standards and guidelines are applied appropriately
Report and escalate appropriately any identified risks or threats
Training and Awareness
Encourage and facilitate appropriate security Education and Awareness training for teams within allocated Programmes
SCOPE OF ROLE – KEY METRICS
Required to communicate and collaborate at all levels within the corporation, and externally
Must be able to talk in business terms about security issues and impacts, and to understand the need for pragmatism where necessary.
3rd Party Relationships:
Represent cmpany at appropriate and agreed external meetings & forums. Assure the delivery of security services from third parties.
Planning and Organising:
Expected to organise their own workload within parameters set down by management.
Health & Safety:
Normal Office staff requirements
Will be expected to provide security advice and assistance to major programmes within the company. This position will balance technical, statutory and good practice security
requirements with business imperatives and corporate goals.
The role therefore needs both in-depth technical experience and security understanding, allied with the ability to talk to senior management and planners in business terms. As the sole SME within the Programmes, will be expected to be
self-organising and directing within team goals.