Back to jobs

Information Security Specialist

Job description

I am currently looking for an experienced Information Security Specialist for an amazing children's charity. Your role will be to assist with safeguarding the organisation's information assets and systems by advising on their cyber security programme and new business initiatives involving the use of technology. You will be responsible for updating and maintaining the Information Security Policy and related procedures, standards, and guidance, and assisting in the management and investigation of cyber-security related incidents.
As Information Security Specialist you will work closely with the Legal & Compliance and Technology teams and be comfortable engaging with a wide variety of stakeholders at all levels of the organisation. You will be responsible for reviewing security frameworks, identifying potential and actual Information Security problems, and implementing mitigations to address them. You will also establish and validate cyber controls by developing and recommending improvements to the framework for controls and levels of access. In addition, you will:

Maintain assurance over escalated system access by providing regular information, resources, and technical support
Ensure authorised systems access, reporting violations, monitoring information requests for new systems and recommending process improvements
Provide advice and sign-off for information security initiatives such as firewall rules
Investigate security incidents in accordance with protocols, collaborating with response teams in Technology and Legal & Compliance.
To be successful you will hold a CISSP or CISM qualification and have experience working in a similar role. Driven to improve systems and processes, you will also be adept at providing subject matter expert advice on the delivery of technical projects. You should also have the ability to clearly articulate technical concepts to a variety of non-technical audiences. In addition, you will have:

A sound understanding of core principles of network and server cloud architecture, Mobile Device Management, encryption, vulnerability scanning, and SIEM monitoring
The ability to effectively influence senior leadership in strategic decision making
An understanding of disaster recovery principles and an awareness of PCI-DSS legislation and standards

If you have the above skills and experience and are immediately available, please apply online or contact Sekai today!