Information Systems Security Engineer

London  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Safety Principles Computer Security Security Engineering Stakeholder Management Risk Management Information Systems Security Engineering Professional Risk Analysis Acquisition Processes Amazon Web Services Systems Engineering Cloud Computing Security Information Systems Consulting Functional Design ISO/IEC 27001 Open Web Application Security Security Managing Security Requirements Analysis System Lifecycle Trusted Systems Vulnerability National Institute of Standards and Technology (NIST)

Description

Information Systems Security Engineer

  • Inside IR35 3 month contract
  • 3/4 days in office

This role is pivotal in establishing and driving the security engineering capability within the Information Security team. The role involves ensuring adequate security across projects and reporting to the Information Security Engineering Lead.

As a security engineer, you will identify requirements, design, and advise on the implementation of technical security standards and controls across organisational projects.

The role is responsible for ensuring robust security measures across the organisation. This includes understanding the problem space and stakeholder information protection needs, developing security requirements, recommending controls, and ensuring security is integrated throughout the life cycle of projects and systems.

Key Responsibilities and Accountabilities

  • Ensure security by design across technical projects and develop trusted systems.
  • Participate in the acquisition process, addressing security considerations.
  • Define and manage non-functional requirements related to security.
  • Capture and refine information security requirements, integrating them into information systems via design or configuration.
  • Collaborate with stakeholders throughout the life cycle of projects and systems to ensure adequate security measures are implemented.
  • Conduct security reviews, identify gaps in security posture, and develop risk management plans.
  • Document the impact of new systems or interfaces on the security posture of the current environment.
  • Perform risk assessments to identify vulnerabilities and threats to systems and data.
  • Design and implement secure solutions to address identified needs.
  • Manage risks, assumptions, issues, decisions, opportunities, constraints, and dependencies throughout the system life cycle.

Key Skills

  • Proficient understanding of security engineering requirements and best practices.
  • Strong risk management and security engineering practices throughout system life cycles.
  • Excellent communication and stakeholder management skills, with the ability to work collaboratively across business units and external partners.
  • High initiative and ability to drive change, translating technical security issues into business risks for non-technical audiences.

Knowledge and Experience

  • Bachelor's degree in Computer Science, Systems Engineering, Cyber Security, or related discipline; or professional security management certifications.
  • Multi-year experience in security engineering.
  • Experience with common security frameworks such as NIST, ISO 27001, PCI, CIS, OWASP.
  • Extensive experience ensuring security by design throughout life cycles.
  • Cloud security qualifications (eg, Microsoft Certified Cybersecurity Architect Expert, AWS Solutions Architect)
  • ISSEP (Information Systems Security Engineering Professional)

Personal Characteristics

  • Strong problem-solving skills and critical thinking in complex and constrained scenarios.
  • High level of personal integrity and ethics, with sound judgement in security matters.
  • Advanced skills in communication, collaboration, problem-solving, and stakeholder management.
  • Demonstrates initiative and the ability to work independently to shape and lead change.
Start date
ASAP
From
Harvey Nash IT Recruitment UK
Published at
04.12.2024
Project ID:
2826786
Contract type
Freelance
To apply to this project you must log in.
Register