Description
My client a leading retailer are building out their cyber security practices whereby they are hiring Junior/intermediate and Senior engineers/consultants - within advisory.
Primary:
- The primary purpose of this position is to partner with the business and conduct ongoing activities that serve to ensure the protection of our customer, employee, and business information. Bringing the concept of "secure by design" to life by influencing projects and operations to implement adequate and proportionate security coverage to throughout the development life cycle.
Respnsibilties
- Acts as a Security focal point for the business, acting as a conduit to other security teams (Cyber Defense; Identity and Access Management; Governance, Policy and Awareness; and Security Architecture) as required to meet business needs.
- Delivers end-to-end advanced business centric security consultancy to ensure security coverage throughout the entire delivery life cycle, making sure that security is considered in a proportionate and tailored manner for each specific situation.
- Complements and augment the knowledge of the other Security team members to address special and complex business demands, including external requests (legal, compliance, regulation).
- Continuously and initially formally assesses information security risks related to vendors, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts.
- Formally assesses information security risks related to business projects, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts. Ensure that IT solutions and business processes comply with Company policy, Company controls and applicable legal and regulatory requirements while also ensuring that business objectives are met.
- Develops strategies and drive efforts to facilitate business ownership of data, including creating necessary tools, training materials and professional presentations.
- Conducts business process improvement or targeted training (for individuals or specific groups) to address security concerns related to audits, assessments or weekly security reports.
- Develops a specialized knowledge of and key relationships with the local brand, ensuring that security is imbedded in each brand and that their security needs are being met. Collaborate with other team members to identify opportunities for implementing common security solutions or leveraging existing solutions.
- Facilitates the establishment and ongoing maintenance of an inventory of both structured and unstructured confidential information throughout the company.
- Demonstrates specialized knowledge with at least one of the following and share this expertise with other team members to facilitate ongoing activities, as required.
- AIX and Linux, including data protection methods
- The Windows operating system and Active Directory, including data protection methods
- Networking technologies, including data protection methods
- Endpoint technologies, including mobile devices and methods for the protection of data
For immediate consideration please get in touch directly.