IT Support & Services, based in Newcastle upon Tyne

Information Security Specialist

Newcastle upon Tyne

Application Close Date: 30th Sep 2019 (39 days remaining)


Information Security Specialist

Newcastle upon Tyne | Job ID: 19003 | £35,000 to £40,000 per year

Role Details

Job Title: Information Security Specialist

Department/Location: IT Support & Services in Newcastle upon Tyne

Responsible to: Operations Director

Hours of work: 40 hours (9-5 Monday to Friday)

 

Main Purpose:

The Information Security Specialist will be responsible for supporting the security/cyber department by dealing with queries, offering advice and guidance on industry best practices and assisting with security incident activities.

 

Principal Duties and Responsibilities:

  • Implementing and managing security technologies including; firewalls, anti-malware, IDS/IPS, web filtering, email filtering, SIEM, patch management, MDM and DLP
  • Security alert triage and first responder
  • Vulnerability scanning service management, issue triage and remediation
  • Information Security Services tuning and improvement: “raising the bar” by identifying appropriate controls or functionality in existing technology, working with Service Management teams to drive adoption whilst minimising adverse business impact
  • Handle information security queries from other departments
  • Work with 3rd party Audit upon request, as well as facilitate independent security audits that have been provisioned
  • Support information security incident activities
  • Participate within business projects offering security guidance and advice based upon industry best practices
  • Identifying and analysing Information Security risks to the business in order to then develop risk management controls and design processes to eliminate or mitigate potential risks.
  • Conducting policy and compliance audits, which will include liaising with internal interested parties and external auditors
  • Any such duties that may be required.

 

Key Competence Requirements

  • Self-motivated and tenacious in performance of your duties
  • Be able to manage, process and implement security policies
  • Ability to influence senior stakeholders and work effectively across different groups and divisions
  • Willingness to adapt to changes in technology and support the wider team in achieving deliverables, even when outside of core role

  

Experience and/or Qualifications

Essential:

  • Cloud security experience for both 3rd party and PDR-hosted systems in public/private clouds
  • Experience of implementing and maintaining PCI-DSS in at least a level 2 merchant environment (PCI Internal Security Assessor status desirable).
  • Relevant qualifications desirable but not essential if equivalent experience can be demonstrated (CISMP, CISSP)

 

Desirable:

  • Previous experience with large, complex IT change projects (Information Security aspects)
  • Experience of implementing and maintaining ISO27001 in a multi-site organisation
  • Experience of, or willingness to learn, risk assessment and management techniques, process and policy creation/review, compliance audit activities and risk reporting.
  • Experience using the following technologies is desirable: LogRhythm, Fortinet Fortigate appliances, Symantec ITMS, PRTG, SNORT, Cyberark Core Privileged Access Management, Cisco ISE, Forescout, Sophos Endpoint security products, Tenable Nessus/IO, SD WAN solutions.

 

Share

Role Contact

Speak to Natalie Day

HR Executive

Apply for Information Security Specialist

Recruitment

  • Under compliance with the Data Protection Act 1998, completing this form is taken as authority for the information to be used within our HR processes, systems and procedures.