Principle Cyber Security Specialist

Salary

**- Location

**-
- **The Vacancy**-
- **Job Title**: Principle Cyber Intelligence Specialist
- **Contract Type**: Permanent
- **Location**: Chatham/London
- **What We Offer**:

- **Holidays**: 25 days holiday up to 30 days (depending on service)
- **Pension**:We know it is important to save for the future, that is why we will contribute up to 10%
- **Maternity/Paternity**: We realise that family time is important, we offer enhanced maternity (after successful completion of probation) and 4 weeks paternity leave
- **Volunteering**: 2 paid days to ‘give back’ to the charity of your choice
- **Development**:LinkedIn Learning for all
- **Finance**: Snoop Premium available to all colleagues
- **Medical**:Opportunity to opt in for Private Medical Insurance
- **Bonus**:Discretionary annual bonus- ** Job Description**:

- As a Principle Information Security Specialist you will be responsible for ensuring Group assets are secured appropriately based on their importance to the Group.
- You will enhance the Groups security posture and ensure all people, processes and technology operate in a secure manner by working collaboratively with internal colleagues and external providers and providing security consultancy and design expertise.
- **Key Responsibilities**:

- **Information Security**:

- To provide expert advice and guidance on how to minimise the impact to the Groups of potential threats to the network or assets.
- To liaise with potential or current partners and suppliers to the Groups and evaluate the information security levels of the company or products.
- As required provide leadership, mentoring and guidance to the Service Desk and Infrastructure engineers in the event of a Security alert.
- As required support and investigate the vulnerability of the Groups to potential malicious attacks and recommend defensive actions.

** Policy, Standard, Procedures and Guidelines**:

- To provide SME knowledge to ensure that information security policies are implemented, enforced, monitored and complied with and to ensure the Group embraces a culture of Information Security.
- To develop and review Information Security Standards and Guidelines within the Groups in line with Policies and Industry best practises.
- To develop and ensure security procedures are approved that provide the more detailed steps that service areas need to adhere to in order to implement that Information Security policies.
- To provide SME knowledge and leadership support to the Security GRC team to deliver.

** Risk Management**:

- To work collaboratively with the Infrastructure Solution Architects, Information Security pillars and IT GRC Team to provide advice and guidance on all Information Security Risks with regards to areas such as infrastructure, changes to processes or software implementations.
- To expertly critique the high-level and low-level designs within projects. Working on all such projects taking ownership of delivering Information Security throughout their lifecycle to ensure the Groups meets compliance and regulatory requirements.
- To take ownership ensure that regular risk assessments are completed in departments and the results are recorded and reported to the correct senior leaders and forums.
- To provide expert guidance in taking timely action resulting from any risk assessment recommendations. This may involve liaison with other departments, partners or suppliers. Monitor and escalate any issues of non-compliance to the Information Security Leadership.

** Keep abreast of data security trends**:

- Be aware of current and possible future trends in information security and take into account current Groups procedures, to define and develop procedures and policies for appropriate and secure use of the Group’s IT systems.
- Adherence to standards, including NIST and Information Technology, PCI-DSS and Infrastructure Library (ITIL).

** What will make you stand out?**- Be able to build working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism.
- Experience of working in a large company and/or Enterprise environment - with understanding of multiple stakeholders and how to manage change.
- An understanding of cloud technology (preferably Azure)
- Excellent communication and presentation skills are paramount, alongside workload delegate management.
- Strong understanding of cybersecurity standards and frameworks e.g. ISO27001, NIST, CIS, OWASP, SOC2
- Information security frameworks
- Experience with Security technologies- ** Why Join Us**:

- **Flexible Working Hours**: We understand the importance of work-life balance and offer flexible working arrangements.
- **Career Development**: We provide opportunities for continuous learning and professional growth, including mentorship programs and training sessions.
- **Inclusive Culture**: We are dedicated to creating an inclusive environment where everyone can thrive. Our diversity and