£50000.00 - £58000.00 per annum
22 days ago
Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organisation's business systems and applications (both in-house and cloud-based) are minimised. Manages encryption protocols to protect the organisations data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.
* Delivers secure solutions and/or secure remediation solutions for highly complex projects to the enterprise with intermediate technical applications included.
* Installs tools to specifically secure each level within security frame work for highly complex projects.
* Provides expert advice and leads discussions on new security technologies and trends
* Investigates intrusion incidents, conduct forensic investigations for highly complex projects and provide incident responses.
* Bachelors Degree
* Relevant Experience or Degree in: in Information Security or Computer Science preferred.
* Typically Minimum 5 Years relevant experience
* One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT
* Advanced experience defining, implementing, and maintaining security policy, standards and procedures. Knowledge of Advanced Persistent Threats, Network access controls, gateway Anti-malware and enhanced authentication as well as experience in Identity and access management principals.
Desired Skills and Capabilities
*Determines methods and procedures on new assignments and may coordinate activities of other personnel
* Network Engineering - Guides others in their understanding of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
* Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
* Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions