The Scoop on the Role:
As an Information Security Engineer at Grouper, you'll play a vital role in shaping and maintaining our information security strategy, policies, controls, and procedures for both Grouper and our clients. Your primary objective will be to enhance the overall security posture of the business by implementing robust security measures and continuously seeking opportunities for improvement. You will also be engaged on client IS requirements.
This role is ideal for someone with experience in collaborating with various stakeholders to understand their business requirements and working closely with IT teams to enhance the security environment.
The role's areas of focus:
Vulnerability Assessment: Conducting thorough assessments of IT systems to identify security weaknesses, evaluating these vulnerabilities, and effectively communicating findings to relevant stakeholders.
Threat Intelligence: Analyzing diverse sources of threat intelligence, consolidating the analysis, and disseminating the insights to key stakeholders to enhance awareness and preparedness.
Application and Data Security: Implementing measures to safeguard applications and data, ensuring confidentiality, integrity, and availability are maintained at all times.
Identity and Access Management: Establishing and maintaining robust access control mechanisms to safeguard systems, defining access privileges, control structures, and resource allocations.
Incident Resolution and Monitoring: Responsibly handling security incidents and monitoring the IT estate using various monitoring tools to detect and respond to potential threats promptly.
Security Infrastructure Configuration and Troubleshooting: Configuring and troubleshooting security infrastructure devices such as firewalls, security appliances, and computer systems to ensure optimal functionality and protection.
Technical Solutions Development: Developing innovative technical solutions and security tools to mitigate vulnerabilities effectively and automate recurring security tasks, enhancing overall security posture.
Reporting: Generating required reports related to security, including weekly/monthly key performance indicators (KPIs), key risk indicators (KRIs), project updates, and other relevant metrics.
Continuous Learning and Awareness: Staying abreast of the latest security news, trends, and emerging vulnerabilities, and actively seeking opportunities to enhance knowledge and skills in the field of cybersecurity.
What We're Looking For: Security Sentinel! Are you ready to immerse yourself in a role that demands technical mastery and strategic insight? Here's what we're searching for:
Deployment and Configuration of Perimeter Defence Mechanisms: Proficiency in deploying and configuring perimeter defence mechanisms to safeguard networks and prevent unauthorised access, ensuring robust protection against external threats.
Expertise in Microsoft 365 Environments: Extensive knowledge and experience working with Microsoft 365 environments, including Office 365, Azure Active Directory, and associated services, enabling effective management and security of cloud-based platforms.
MS Endpoint Implementation Experience: Hands-on experience in implementing Microsoft Endpoint, Microsoft's cloud-based service for mobile device management (MDM) and mobile application management (MAM), facilitating secure management of devices and applications across various platforms.
Strong Knowledge of Checkpoint Technologies: In-depth understanding and proficiency in Checkpoint technologies, including firewall solutions and security management platforms, ensuring effective network security and threat prevention.
Experience with Vulnerability Management: Familiarity with Vulnerability Management technologies, practices, and procedures, such as Qualys, to identify, assess, prioritise, and remediate security vulnerabilities across IT environments, enhancing overall security posture.
Technical Proficiency in Windows and Linux Environments: Good technical knowledge and experience working with both Windows and Linux environments, enabling effective management, configuration, and security of systems running on these platforms.
The Perfect Match: If you possess some of these skills, Grouper is excited to hear from you!
Good all-around security mindset with a can-do attitude: Ability to approach security challenges with a proactive mindset and a positive attitude, always striving for solutions.
Knowledge of: NIST, NIS-D2,ISO 27001 ISMS, ISO 27018 PII, ISO 27017 Cloud, NIST 800-27 Security, ISO 20000 SMS, ISO 9001 QMS, BS 10012 PIMS ISO AWI 27552 Privacy, ISO 29100 Privacy, NIST 800-53 Federal Privacy, NIS Directive, California Consumer Privacy Act, ISO 14001 EMS, ISO 50001 EMS, ISO 18001 OHSAS, ISO 22301 Business Continuity, BS 31000 Risk Management and simillar.
Demonstrated Ability to Work Independently: Track record of working autonomously, with the ability to take initiative and drive security initiatives forward without constant supervision.
Be a Player, Not a Spectator: Take ownership and make things happen. We're seeking individuals who are proactive, engaged, and willing to take ownership of security projects and initiatives.
Certifications Advantageous: Possession of one or more of the following certifications would be advantageous for the role: CEH, CCSLP, CCSK, SANS GIAC, SSCP, MCSE, MCSA, CISSP, CISA, or CCSP.
3+ Years Experience in Information Security: Experience in an information security-related role, with a minimum of three years of hands-on experience in the field.
Relevant Qualifications: Hold any other relevant qualifications in Computer Science, Cyber Security, or Forensic Computing, providing a strong foundation for understanding and addressing security challenges.