IT Security Officer

• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Contributes to development of information security policies, standards and guidelines.
• Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security and recommends appropriate control improvements.
• Develops new architectures that manage the risks posed by new technologies and business practices.

• Plans and implements complex and substantial risk management activities within a specific function, technical area, project or programme.
• Establishes consistent risk management processes and reporting mechanisms aligned with governance frameworks.
• Engages specialists and domain experts as necessary.
• Advises on the organisation's approach to risk management.

• Oversees security operations procedures, ensuring adherence and effectiveness, including cloud security practices and automated threat responses.
• Reviews actual or potential security breaches and vulnerabilities and ensures they are promptly and thoroughly investigated. Recommends actions and appropriate control improvements.
• Ensures the integrity and completeness of security records, ensuring timely support and adherence to established procedures.
• Contributes to the creation and maintenance of security policies, standards and procedures integrating new compliance requirements and technology advances.

• Selects appropriate testing approaches using in-depth technical analysis of risks and typical vulnerabilities.
• Produces test scripts, materials and test packs and tests new and existing networks, systems or applications. Provides advice on penetration testing to support others.
• Records and analyses outcomes and result and modifies tests if necessary.
• Provides reports on progress, anomalies, risks and issues associated with the overall project.

• Collates and analyses catalogues of information and technology assets for vulnerability assessment.
• Performs vulnerability assessments and business impact analysis for medium complexity information systems.
• Contributes to selection and deployment of vulnerability assessment tools and techniques

• Plans and manages threat intelligence activities.
• Identifies the most impactful threat categories and types of information that can help defend against them. Reviews, ranks and categorises qualitative threat intelligence information.
• Provides expert advice on threat intelligence activities.
• Leads the production and editing of threat intelligence reports that enhance the intelligence production workflow. Distributes information and obtains feedback about the value, usefulness and impact of the data.

• Proven experience in a Cyber Security role.
• 5-10 years in a relevant role preferably within a regulated entity.
• Relevant Professional qualifications (desirable).
• In-depth understanding of computer systems - hardware, software, networks, cyber security etc.
• Experience in implementing technological upgrades, improvements and changes to the information security environment.
• Competent in Microsoft applications: Including Word, Outlook, SharePoint and Excel.
• A team player who can work across various teams and cultures.
• Strong verbal and written communication skills in English.
• Highly self-motivated individual who is willing to participate and actively assist in improving current processes.
• Working knowledge of Enterprise Detection and Response (EDR) solutions, Mobile Device Management and Data Loss Prevention systems and Risk Man

Your specialist: Debbie Amankwa

Quote job ref: 16304

Hi, I'm Debbie and I look forward to receiving your submission for this fantastic opportunity with this business.

Submit Your CV