Tech Stack
AWS, Azure, Cloud, Cyber Security
About the role
- Keep systems, people and data safe by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and technical assurance for solution design and changes
- Maintain and improve security posture in tandem with GRC practices and policies to align with standards and frameworks such as SOC 2 and ISO 27001 and legislation including GDPR and UK DPA
- Lead day-to-day cyber security operations and project-based work
- Train and upskill colleagues on security awareness, OWASP Top 10 and Security by Design; feed into processes and workflows to maintain good security practice
- Engage with clients, technology partners and suppliers to support security assurance and alignment to security requirements
- Own Security Operations activities with the operational team and external partners, including Incident Response and Threat Intelligence
- Support Continual Security Improvement and act as Tech Ops representative in the GRC working group
- Standardise security tools and infrastructure across group offices and deliver improvements in security posture
- Design and deliver improved security tooling across areas (DR design and testing, end user tooling, SIEM tooling and event ingestion)
- Advise on architecture and design of internal and client-facing solutions to address emerging threats and vulnerabilities
- Operationalise and ensure delivery of security policy, standards and procedures
- Provide technical expertise for compliance initiatives and programmes (e.g. ISO 27001, Cyber Essentials Plus, GDPR)
- Conduct technical aspects of vendor and partner security reviews
- Increase Information Security awareness among end users and improve user interactions with the security team
- Identify and implement automation and improvements to security across the business
- Protect client data at all times
Requirements
- Managing technical risks and proposing solutions and recommendations
- Security Operations procedures, i.e. Incident management and response
- Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre
- Experience of both cyber operational roles and of having delivered security change projects/programmes
- Experience with GDPR/UK Data Protection, Cyber Essentials and ISO 27001 frameworks
- Azure security tooling including Security Centre, Defender, Sentinel and Intune; AWS security tooling including Security Hub, GuardDuty, Inspector, WAF, Security Lake and CloudTrail
- Able to understand and effectively communicate technical concepts in discussions with both technical and non-technical colleagues
- Broad knowledge around network technologies (especially cloud) and technical security
- Configuring and maintaining endpoint security technologies (AV, firewall, encryption, email protection, web filtering)
- Awareness of architectural principles for technical solution design, e.g. Zero Trust, least privilege RBAC, Security by Design, PAM, Segregation of Duties
- Data Protection and DLP
- (Beneficial) NIST, SOC 2 and additional compliance and regulatory frameworks
- (Beneficial) Project Management and technical delivery
- (Beneficial) Experience of, or a keen interest in, the business of sport