This Job Vacancy has Expired!

Cyber Operations Lead

ERM Europe Ltd

Posted on May 27, 2021 by ERM Europe Ltd

London, United Kingdom
IT
1 Jun 2021
£70k - £80k Annual
Full-Time


The Cyber Operations Lead role is a hands-on role to ensure the ongoing implementation and operation of ERM's security control framework. The role manages information security, ensuring the integrity, availability & confidentiality of ERM information & data. The role will also manage our third party security suppliers, and produce metrics on the effectiveness of the controls frame work.

Environmental Resources Management (ERM) is a leading global provider of environmental, health, safety, risk, social consulting and sustainability related services. With 6000 people working in 42 countries out of 160 offices, ERM is committed to providing a service that is consistent, professional and of the highest quality to create value for our clients. Over the past five years, we have worked for more than 50 percent of the Global Fortune 500 delivering innovative solutions for business and selected government clients helping them understand and manage the sustainability challenges that the world is increasingly facing.

Responsibilities:

Operational Security

  • Produce metrics as required to assure security operational effectiveness
  • Ensure that cyber security controls remain effective at all times
  • Act as internal escalation and engagement point for 3rd Party Security Services
  • Perform ongoing identification and mitigation of potential risks their probable business impact
  • Manage threat intelligence and operational responses
  • Virus & Malware Protection
  • Proxy & Firewall policies design & review
  • Web & Mail Filtering
  • Mobile Device Management
  • Endpoint Encryption of Employee Devices
  • Threat and Vulnerability management
  • Respond to help desk security calls and planned work requests ~ resolve or manage problems of a complex or urgent nature
  • Support Internal Audits and Spot-Checks within ERM

Asset Management, Risk Management & Disaster Recovery Management

  • Identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the agency
  • Participate in the development of Disaster Recovery

  • Carry out regular risk assessments and aid in internal and external penetration testing and vulnerability scanning

Policy Management & Compliance

  • Maintain any and all ERM certifications and security & compliance requirements.
  • Avoid breaches of any law, statutory, regulatory, or contractual obligations, and UK/EU requirements
  • Ensure adherence to EU GDPR at all times

  • Protect organisational, personal, sensitive, and confidential information
  • Enforce policy, standards, and technical compliance
  • Responsible for security patching of internal systems
  • Provide input to client or third-party security reviews
  • Provide metrics on the supplier and control effectiveness

  • Provide responses regarding ERM's operational security arrangements to assist with successful bid support

  • Monitoring, Incident Handling & Reporting and Documentation

Key Competencies

Excellent communication skills written and verbal

Determination and motivation to succeed

Enthusiastic, with a positive can-do' attitude

Ability to effectively prioritize and execute tasks in a high-pressure environment

Gains the respect of colleagues and is a team player who is more interested in results than personal preferences

Highly self-directed, with keen attention to detail

Has strong communication, project and time management skills

Experience working both independently and in a team-oriented, collaborative environment

Flexible and adaptable in regards to learning and understanding new technologies

Proven analytical and problem-solving abilities

Ability to effectively prioritise tasks in a high-pressure environment.

Strong customer service orientation

Qualifications and Prior Experience

Degree or related business discipline

Essential

At least five years' equivalent work experience in a Security Operational roles

Holds security industry certifications such as (Security+, CEH, CISA, CISMP, SSCP, MSC with Security, CCNA/CCNSP Security)

Understanding of Cloud services virtualization, load balancing, clustering, caching processes

Solid background in cyber and information security

Strong knowledge in security technology, SIEM, DLP, IDS/IPS, WAF, Vulnerability management tools, Encryption Services, VPN, Cloud Security; CASB, CSPM, CSA,

Working knowledge Firewalls, Web Filtering, Mail Filtering

Preferred

CISSP Certified

Knowledge of NIST/ISO/2013/2015 security standard

Experience with management of Security Service Providers (MSSP's)

Excellent knowledge of Threat and Vulnerability services and management processes




Reference: 1208917535

Set up alerts to get notified of new vacancies.