Infosec lead – IT Security Design Manager | Permanent |

  • Permanent
  • Anywhere

Ref. 214360891 | 2021-08-10 20:03:11

Town: | Country: United Kingdom

Desccription: IT & DATA Security DESIGN : THE INFOSEC Lead – An extremely conscientious, cutting edge, innovative mature tech start up needs a virtual security manager!
Joining a very bright switched on, cultured team – We are not recruiting for the finished article but as much of the spec as possible! Home / Remote based
Ace Global HQ in Manchester
If you think you tick some of the spec and all the personality profile and ambition we are looking for – then please reach out!
Salary is also negotiable based on experience
Playing a lead role in identifying, defining and implementing platform and company security requirements, and working reporting to the Head of Technology within the development and DevOps team to help design secure architecture and ensure compliance with our regulatory and governance requirements.
The client’s cloud hosting, owning all security procedures, security architecture, security documentation and security standards compliance within the dev, DevOps and SRE teams, and own monitoring and intelligence relating to all cyber threats.
YOU/THEY – A passionate Techy?
The applicant should be curious about all aspects of technology, especially as it relates to infosec, and will be an enthusiastic learner.
They will be passionate about the security of the business, and take every potential vulnerability as a personal affront.
They will enjoy challenges, and be open and transparent about the problems they face, and will enjoy helping colleagues resolve their own problems without judgement.
The successful applicant will be hands-on and able to both design solutions and then implement and maintain those designs.
Requirements
Role Competencies ( We know we won’t get everything but we want to help you become the Infosec legend – so ‘potential’ counts for a lot!)
* Understanding of designing, building, and delivering a security programme in line with business objectives
* Security and monitoring in IaaS environment (GCP, AWS, or Azure)
* Knowledge of ISO27001 and GDPR
* Assess and analyse a wide range of information to draw conclusions on how to improve the security of our systems
* Deep knowledge of networking, infrastructure and applications from a DevOps perspective with a security focus
* Data storage/architecture best practices with respect to data security
* Awareness of common software security flaws and web application security best practice (OWASP top 10, CWE/SANS Top 25)
* Vulnerability management (OWASP Zap)
* SIEM (Security Onion)
* Experience of EDR solution (ideally CrowdStrike)
* Identity and Access Management
* Maintaining documentation on how to secure and maintain all services
* Applying/enforcing relevant parts of industry standards like IS27001 and PCI DSS
* Understanding of DevOps and Agile principles and how to embed security into the SDLC
* Strong understanding of Linux tooling and ecosystem
* Line management responsibilities
COMPANY VALUES – Fun fun fun – win win win !
* Make it happen – We own things and get them done whatever it takes
* Playful and positive – Life’s too short to take things too seriously, we like to have fun while we’re working and we love positivity – and yes the glass is half full
* We’re in it together – We all have our day jobs to do, our KPI’s to hit and projects to complete but we’re always available to help for the greater good of the business
* No politics – Seriously! We want to enjoy coming to work and that stuff doesn’t make it pleasant
* Know your stuff, keep learning – We value people who have the knowledge and have a thirst for it, lots of it
* No drama – Things don’t always go right as much as we try, having a hissy fit over it won’t help the situation and you won’t find that here
* With great data, comes great responsibility – Personal data is a big thing, particularly when you are the custodian of a lot of it, we take that very seriously
If you tick 50% of the spec and 100% of the attitude and personality part then YES PLEASE – APPLY NOW – Ask for Jessica

Salary Type:

Salary:

Category: IT

To apply for this job please visit www.cv-library.co.uk.

Rogerio da Silva

Rogerio da Silva is a Brazilian who lives in the UK for a little over two decades. He is the owner of a test consulting and outsources services for software development. He likes to blog, write and create content that teaches others how to live a better life. Rogerio has two princesses and one powerful wife that help him with his work. He loves reading biographies of successful authors and dream builders because they inspire him to keep creating!

%d bloggers like this: