Security Consultant - Guildford - up to £65,000

Posted 6 days ago by Proxime Search

Main responsibilities:

  • Ensuring that information security risks are under explicit management control through the Information Security Management System
  • Assisting with developing and implementing information security management processes and procedures
  • Assisting with ensuring compliance and/or certification for security standards such as ISO 27001, CESG, G-Cloud Frameworks, PSN, NHS and other commercial and Government security standards
  • Assisting with identification, documentation and dissemination of security requirements, which ensure the continued mitigation of threats to company Managed Cloud Services’ customer environments and data, datacentres, associated systems and employees
  • Providing active input into the technical design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards
  • Leading/commissioning establishment and implementation of remediation plans following security assessment, auditing, scanning and/or penetration testing engagements and other related security activities
  • Defining and producing security policies, procedures, processes and other documentation as required
  • Providing effective internal technical security consultancy advice and practical assistance on information security risk and control matters throughout the organisation and to its customers
  • Providing active input into and/or commissioning the preparation and advising on the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Information Security Team
  • Leading the design and operation of related compliance monitoring to ensure compliance both with internal security policies and applicable laws and regulations
  • Identifying, reporting and resolving security threats, vulnerabilities and breaches that contravene our security policies, standards, procedures and guidelines to ensure staff are held accountable and to identify training requirements or system inadequacies
  • Leading or commissioning root cause and forensic analysis of security breaches in a confidential manner
  • Performing a lead security function through active creation and/or participation of security related designs and associated documentation including the review, assessment and approval of proposed architectural changes and security designs created by others
  • Implementing and configuring security related components when necessary
  • Providing advice and approval within the business Change Management process from a security perspective
  • Leading, assisting or commissioning the implementation of security related architecture
  • Keeping abreast of the latest cyber threats and security vulnerabilities applicable to the company architecture that require action

Skills & experience you will have…

Essential:

  • 5+ years' experience in a technical consultancy role, with at least 2 years in a similar security-related position, ideally in a client-facing commercial organisation
  • Significant experience of all aspects of multi-tenancy environments using Hyper-V, with an emphasis on security-related activities
  • Expert knowledge of DPA (Data Protection Act) and GDPR (General Data Protection Regulation)
  • Ability to assess and quantify security risks in line with CVSS and recommend appropriate treatment
  • In-depth knowledge of:
      o Identity and access management, security monitoring and Cloud security
      o Current security-related standards and certifications such as ISO 27001, G-Cloud Frameworks, Cyber Essentials, PCI, PSN, NHS and other commercial/Government security standards
      o Security best practice awareness and investigation (including penetration testing method and network hardening, IPS/IDS, IPsec and SSL VPNs)
      o Hyper-V, Windows Server, Cisco reference architecture, firewalls
      o Risk analysis and treatment plans
      o Intrusion detection and prevention
      o TMG/UAG and ISA experience
      o Authentication methods (including 2FA, AD, RADIUS and certificate-based authentication)
      o Technical design and testing plan creation
      o Penetration testing methodology and approach

Desirable:

  • ITIL qualified, experience in a commercial IT Solutions provider or Managed Services environment, GPG13, SIEM, COBIT 5, SolarWinds, SecureWorks, Public Cloud Azure/AWS

Direct reports: none currently

Security Screening

It is a requirement of employment that employees pass a security screening to Baseline Personnel Security Standard.

Required skills

  • CISCO
  • Forensic Analysis
  • Management System
  • Information Security Management
  • Solarwinds

Reference: 34672457
