Job Description

Posted 2 weeks ago

Cyber Security Engineer required by market leading organisation based in Cardiff. This will be a hybrid role with 2 days a week onsite but with flexibility.

This role will initially be a 6-month FTC with the possibility of going permanent.

The Cyber Security Engineer will be responsible for managing and reporting on our client’s portfolio of ICT security solutions and the ongoing design and implementation of security strategies, including the development of internal policies, training programmes and compliance with industry regulations.

Main Duties:

* Work with the IT Manager and wider business, on the specification, design, development and implementation of security strategies based on existing best practice frameworks and regulatory standards.

* Work with existing and/or identify emerging technologies that will effectively and efficiently meet our clients security requirements.

* Manage annual PEN test and subsequent remediations.

* Manage improvements highlighted in 3rd party vulnerability scans.

* Monitor the systems and respond to any potential cyber issues, acting as a point of escalation for the ICT team.

* Monitor of network for vulnerable and unacceptable devices.

* Assist ICT team with escalated issues cyber and non cyber related issues & faults.

* Investigate/assist with any possible email/phishing leaks and follow ups.

* Develop and maintain staff compliance for in house cyber security training and advise and train departments on all ICT systems.

* Monitor and reaction for Cloudflare website infrastructure for potential DDos activity.

* Monitor and react for Barracuda for untoward trends in email activity and phishing campaigns.

* Develop and maintain effective relationships with third party suppliers to ensure ongoing service delivery, performance and return on investment.

* Develop security related dashboards, policies, metrics and training programmes to report on the ongoing efficacy of security solutions and staff awareness of security related issues.

* Undertake risk assessments for new and existing suppliers, manage ongoing compliance and ensure cyber and information security incidents are investigated and resolved appropriately.

* Drive a culture of continuous service improvement for cyber security.

* Research, implement and enhance new security technology and methods, eg MFA, VPN and other ways to secure workflows.

* Work with 3rd Parties implementing planned fixes and improvements.

* Any other task as may be defined by the IT Manager to meet the operational needs of the business.

Required Background:

* Proven track record and experience in a similar cyber security role.

* Experience of working with cyber defence vulnerability management/threat detection platforms.

* Experience/understanding of how technology can be leveraged to support data management practices.

* Broad understanding of ICT infrastructure including

* Microsoft Azure cloud services, hybrid cloud environments, LAN/WAN networking and BCP/DR.

* Solid understanding of security, risk, compliance, and data management frameworks such as ISO27001, Cyber Essentials, NIST, TOGAF, COBIT, MITRE ATT&CK.

* Understanding of secure by design principles.

* Ability to travel between sites and to meetings for the role.

Desirables:

* Degree level educated.

* Qualified in a relevant technical accreditation, such as CISSP, CISM.

This fantastic role comes with an excellent basic salary and is accompanied by a benefits package which includes: Remote working, annual salary review, 25 days holiday (which will increase to 30 days based upon length of service), private medical insurance, pension and many more