Our Client based in Manchester are recruiting for a Security Specialist. The role is Outside of IR35
The Security Specialist is responsible for delivering hands-on technical security expertise which IS Operations will use to deliver its objectives successfully. They'll work within our technology leadership team and support the Innovation & Strategy Manager, and Principal Technologist with influencing and advising on our work, covering methodologies, service and system design, technical mentoring, product enhancement, security posture and controls, and supporting the extraction of best value from our systems and supply chain partners. Crucial to this role is the ability to build valued partnerships within IS Operations and beyond, to ensure we get the best value from the work we do today, and that our strategic vision is aligned to business requirements and technological innovations of the future. Working alongside our Reliability Engineering, and Defence & Availability Centre teams, they'll ensure that our systems and data are robust enough to defend us against vulnerabilities and attack. They'll advise on the evolution of our security capabilities according to the direction technology is taking. This work will actively contribute to the real-time customer experience, engineering expertise and, defence and availability of our services and apps.
- Responsible for operational product management of tools and apps.
- Support the successful implementation of technical quality assurance across our security operations and cyber defence technology stack.
- Attend our Technical Design Authority group when required and maintain awareness of new and emerging technology trends. Provide technology insights, ensuring that our operational architecture is fresh, modern, and meeting business needs. Work in partnership on this with peers and colleagues such as technical architects, product managers, along with engineers and developers.
- Create technical recommendation documents within their scope of work and present these to a range of audiences as required.
- Engage in various IS and business projects. This involves working closely with project managers, other technical staff and third-party suppliers.
- Establish themselves as a technical trusted advisor, internally and externally to shape and contribute to the overall success of IS Operations.
- Support major incidents where necessary. Through involvement and positive contributions to major incident reviews ensure that areas for improvement are openly and constructively discussed leading to lessons and actions as needed.
- Lead the security aspects of our continuous improvement programme, including the setting of standards, priorities, and decisions around what is valuable and what isn't. Focus will be on driving the maturity of and increasing the effectiveness of our services. Ensuring we're always working efficiently and effectively across our supported technical portfolio will be vital.
- Be a thought leader across security topics - driving automation, data analytics, customer experience, strategy, and continuous improvement.
- Support the appointment, development, motivation, and support of all team members across IS Operations to elevate their capabilities. Create and maintain a compassionate, safe, and continual learning culture where the knowledge and performance of IS Operations is valued and constantly advancing.
- As a member of our Technology Leadership team they will help other IS Operations colleagues to shape the technical capability of our section by supporting the technical security aspects of policy development, role designs and development, and recruitment. They will share their experience, knowledge and passion acting as a mentor and educator across IS Operations.
- Working with our suppliers and contracts, build and continually improve productive and valuable relationships which can be used to advance the work of our section. This will have a focus on achieving the highest level of performance from our products, services and relationships therefore ensuring that we're making the best use of our resources and assets.
Key Skills / Experience
- Possess strong technical security knowledge, based on significant hands-on experience in an IT environment, where a wide range of BAU and project activities take place.
- Key Tech: Palo Alto, Rapid 7, Cisco, Proof Point, M365, Dark Trace, Recorded Future
- Possess a good understanding of security architectures and topologies and the techniques needed to support security infrastructure solutions in enterprise environment
- Possess a good understanding and detailed knowledge of security toolsets with the techniques needed to support security infrastructure solutions in enterprise environment
- Have a good awareness and be able to work within information security and confidentiality legislatio
- Technical knowledge and practical experience of industry compliance and regulation requirements such as ISO27001, PCI-DSS, NIST, etc.
- Experienced in understanding, configuring and tuning security toolsets.
- Awareness of the latest technological developments and can easily feed these into their area of work.
- Good technical knowledge based on significant practical experience, across at least 2 years, including:
- Network and firewall security
- SIEM solutions
- Anti-malware solutions
- Penetration testing tools and methodologies
- Web Content and email filtering solutions
- Microsoft 365 apps & Azure ecosystem, including Sentinel
- Relevant technical security qualifications are desirable