Location: South East, England
Our clients systems need to meet both regulatory, legal and customer security requirements; they must also be designed to provide the right level of security. Working alongside others, you will be the specialist responsible for the development and rollout of security standards and policies for IT applications and development. You will contribute to the overall Information Assurance security strategy.
You will perform technical security assessments of these areas, audits and present your findings to the security team and others in the business. Where necessary you will engage with third-parties to support in the work and to recommend additional security technologies and systems to deliver the required protection.
You will be responsible for the prioritisation of any remedial work, driving security improvements across the business. It will probably also involve training non-security staff on risks and sensible approaches for their mitigation.
You will be required to ensure that the security standards are followed by the subcontractors, using contractual controls, auditing and personal relationships to ensure security practices are followed.
You may also be required to provide incident support.
• Excellent understanding of development, application, database and OS security issues.
• Understanding of web security issues, cross site scripting, SQL injection etc.
• Understanding of cryptography, authentication etc.
• Understanding of Windows Active Directory security architecture and issues.
• Testing of host and application security
• Excellent written and verbal communication skills, including development of policy and standards.
• Understanding of security risks, vulnerabilities
• Windows, UNIX/Linux, AD.
• A working knowledge of standard security technologies such as Firewalls, SEM platforms, logging.
Desired skills and experience
• Ideally you will have had experience working in an international organisation and handling issues that cross cultural boundaries.
• UK Government security clearance
• PRINCE based project management methodologies
• ISO 27001 (to lead auditor / implementer standard)
• CISSP / CISM
The application deadline for this job has passed. Please click here
to return to the jobs list.