Our client based in North West Leeds is a global organisation specialising in Consultancy services. They are now looking to hire an Information Security Consultant to join their existing Information Security team.
The Information Security Consultant will work with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure consisting of 6600 staff and 100 sites. As a member of the IT Security team, you will review all aspects of the IT environment and its components and will be responsible for gathering requirements, designing and implementing enterprise-wide solutions. The successful candidate will be required to proactively improve and provide advice and guidance on information security matters.
Key Duties and Responsibilities:
▪ Develop and enhance security policies, processes, procedures and technical controls to strengthen security capabilities and resilience to cyber threats
▪ Take a proactive role in identifying security risks, mitigations and opportunities to strengthen company resilience to cyber-attacks and security incidents
▪ Participate in the design and implementation of systems and applications to ensure that proposed solutions comply with the company's IT Security policies
▪ Assist with security incident management and response activities
▪ Interact with the IT team to provide and share technical issue resolution knowledge and deployment/adoption processes best practices
▪ Implement and manage the Microsoft MFA environment to protect critical systems and information
▪ Develop user and technical training guides to help support and use the system
▪ Implement and manage Microsoft end-point management to secure and protect end user devices by introducing controls in line with IT policies
▪ Management and maintenance of the Thycotic PAM environment to restrict unauthorised software usage and to proactively block malicious processes
▪ Maintain and manage the IT Risk register to ensure that IT risks are regularly reviewed, correctly identified, assessed, reported and mitigated in line with recommended best practices
Provide analysis of information security risk and issues of non-compliance
▪ Perform regular, proactive reviews of system audit logs to identify inappropriate usage, system configuration issues and faults. Ensuring issues are raised and mitigated and retested
▪ Test DR plans and capabilities to ensure they work as designed, identifying gaps and lessons learnt to drive continual development and enhancement
▪ Work with the business to formalise and develop Business Continuity plans and perform periodic testing to ensure they remain effective and are updated to reflect changes in the business
▪ Excellent hands-on experience of security and/or infrastructure within an enterprise environment
▪ Comprehensive experience and in-depth knowledge of enterprise information security and standards including Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection Regulation
▪ Microsoft O365 Security solutions; Microsoft core OS; Networking; Security operations; Penetration testing; Security Auditing; Forensics; Security architecture
▪ Good understanding of security testing principles, including experience of penetration testing, identifying, resolving, and reporting risks
▪ Experience of formal document creation, such as the creation of reports or procedures
▪ Experience of carrying out risk reviews, technology audits or other similar work
Headway Recruitment is acting as an Employment Agency in relation to this vacancy. Headway Recruitment are an equal opportunities employer and we are committed to a policy of diversity, equality and inclusion.