Information Security Specialist


Premium Job From Computer Futures

Recruiter: Computer Futures
Listed on: 21st June 2017
Location: London
Salary/Rate: £50000 - £65000
Type: Permanent
Start Date: ASAP


Information Security Specialist - London - Financial Services

Information Security - ISO27001 - PCI-DSS - ITIL - SIEM - DPA - Data Protection - GDPR - Security Audit

An award-winning financial company are seeking an Information Security Specialist to join their site in Central London.

Job summary

To act as an information security SME on projects from a governance, risk, compliance and technical standpoint. To assist and provide direction to the project managers.

In particular, the post holder will need to ensure the company complies with relevant legislation, regulations, codes of practice or technical guidance in all matters relating to security, and will need to be aware of the bigger picture within the organisation and also understand the importance of Data Security management, including external drivers and standards such as ISO 27001 and PCI-DSS. The post-holder will be responsible for keeping the organisation informed on these issues and advising them of the best approach.

INFORMATION SECURITY

* To provide advice and guidance on how to minimise the impact to the company of potential threats to the network or assets

* To liaise with potential or current partners and suppliers and evaluate the information security levels of the company or products.

* As required assist and provide guidance to the Service Desk and Infrastructure engineers in the event of a Security alert.

* As required investigate the vulnerability to potential malicious attacks and recommend defensive actions.

POLICY, STANDARDS, PROCEDURES AND GUIDELINES

* To ensure that data security policies are implemented, enforced, monitored and complied with and to ensure the company embraces a culture of Information Security.

* To develop and ensure data security procedures are approved that provide the more detailed steps that service areas need to adhere to in order to implement the data security policies.

RISK MANAGEMENT

* To work with Infrastructure Solution Architects and advise on all Information Security Risks with regards to infrastructure, changes to processes or software implementations. To critique the high and low level designs within projects. Working on all such projects throughout their lifecycle to ensure compliance and regulatory requirements are met.

* To ensure that regular risk assessments are completed in departments and the results are recorded.

* To assist in taking timely action resulting from any risk assessment recommendations. This may involve liaison with other departments, partners or suppliers. It is essential to keep the IT Security department informed if there are any issues of non-compliance.

KEEP ABREAST OF DATA SECURITY TRENDS

* Be aware of current and possible future trends in information security and take into account current procedures, to define and develop procedures and policies for appropriate and secure use of the IT systems.

* Adherence to standards, including ISO27001, PCI-DSS and Information Technology Infrastructure Library (ITIL)

DESIRABLE:

SECURITY AUDIT

* Lead on regular security audits of all IT infrastructure systems and facilities, to include, but not restricted to, the following: (a) a full penetration test, (b) a network summary that will identify all IP addressable devices, (c) network analysis, including exploitable switches, (d) vulnerability analysis, including patch levels, poor passwords and services used, (e) exploitation analysis, and (f) a summary report with recommendations for improvement.

INCIDENT MANAGEMENT

* To ensure that the information systems are secure and to respond to security related incidents in whatever way is appropriate.

ADDITIONAL:

* To undertake other duties commensurate to the grade of the post.

* To represent the IT Security Manager or Information Security Architecture Manager at meetings in relation to data protection and information security.

* To prepare written reports for the IT Security Manager and Information Security Architecture Manager and Project Boards as required.

* To deputise at meetings for the Information Security Architecture Manager as required.

* To use and assist others in the use of information technology systems to carry out duties in the most efficient and effective manner.

* To achieve agreed service outcomes and outputs, and personal appraisal targets, as agreed by the line manager.

SYSTEMS (indicate packages used/standard required and whether training will be provided)

* Experience supporting customers with the following:

  * LAN & WAN networking including using routers, switches and infrastructure products

  * Network Security technologies (e.g. Firewalls, IDS, Proxies)

  * Strong understanding of TCP/IP

  * Linux/Unix & Windows Desktop and Server Operating Systems

  * Virtualisation and Thin-Client Products

  * Databases

  * DPA, ISO27001 and PCI-DSS

* Good knowledge of the following applications:

  * SIEM Tools (e.g. LogRhythm, Splunk)

  * URL Filtering and DLP (e.g. Websense, Checkpoint)

  * Encryption and hardening techniques

  * Mobile operating systems (e.g. Android, iOS, Windows Mobile)

  * Cloud computing

Sthree UK is acting as an Employment Agency in relation to this vacancy.
