Information Security Engineer
Posted on Oct 11, 2019 by SSP
Information Security Engineer
Solihull, West Midlands
Up to £55,000 (Dependent on Experience) + Extensive Benefits Package
SSP is a global provider of technology systems and solutions across the entire insurance industry. We provide core technology solutions, distribution and trading capability, advanced analytics and solution delivery.
We're on the lookout for an Information Security Engineer who will be responsible for ensuring the confidentiality, integrity and availability of SSP data and client data, stored or used by SSP. An integral part of the role is to ensure that SSP remains secure against internal and external threats.
The Information Security Engineer will help plan and carry out the organisation's information security strategy. They will work with CISO and Operations Management to develop and support a set of security standards and best practices for the organisation, and recommend security enhancements to management as needed. They will develop strategies to respond to and recover from a security breach. The Information Security Engineer will also be responsible for educating the workforce on information security through training and building awareness.
WHO WE'RE LOOKING FOR:
A strong multi-tasker with a keen eye for detail, a successful Information Security Engineer can think one step ahead of criminals. They are well organised and thrive in fast-paced, high-stress scenarios. We're also looking for an individual who is comfortable with security software development in an agile business.
WE'D LIKE TO MEET AN INFORMATION SECURITY ENGINEER WITH:
- A sound understanding the cyber security landscape, current threat levels and best practice
- CISM certification (Essential)
- Knowledge and practical experience of ISO 27001 and ISMS, PCI DSS (Essential)
- Knowledge and familiarity with the requirements of the DPA and GDPR legislation
- Direct experience with anti-malware tools, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies and methods
- Experience designing secure networks, systems and application architectures
- Knowledge of disaster recovery, computer forensic tools, technologies and methods
- Experience in a system administration role supporting multiple platforms and applications
- Ability to communicate network security issues to peers and management
- Ability to read and use the results of mobile code, malicious code, and anti-virus software
THE INFORMATION SECURITY ENGINEER'S RESPONSIBILITIES INCLUDE:
- Implementation Protections - Install and use software, such as firewalls and data encryption programmes, to protect organisations' sensitive information. They also assist computer users with installation or processing of new security products and procedures.
- Test For Vulnerabilities - Conduct periodic scans of networks to find any vulnerability. Conduct penetration testing by simulating an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
- Monitor & Investigate Security Breaches - monitor the organisation's networks and systems for security breaches or intrusions. Lead incident response activities to minimise the impact. Also lead technical and forensic investigation into how the breach happened and the extent of the damage.
- Product Security - ensure that our products/solutions are developed with security in mind, working with Product Managers, Product Architects and the Managed Service organisation to establish standards and approaches to feed into our development and operational practice.
- Certification and Accreditation - ensure that key certifications and accreditations requirements are met and maintained, such as ISO 27001 and the ISMS, PCI-DSS.
- Security Reporting - ensure that any security concerns or breaches are notified to SSP Management in a timely fashion. Also to assist with the education of SSP employees on the latest risks, threats and vulnerabilities.
WHAT'S IN IT FOR YOU?
- A unique working environment where you'll be surrounded by passionate experts from a variety of backgrounds and industries
- A generous salary and matching pension scheme
- A clear, personal learning and development plan that provides the frameworks and development solutions to ensure everyone has the opportunity to maximise their performance and realise their potential
- Generous holiday allowance (25 days + Public Holidays), free parking and life assurance
- A wide range of flexible benefits such as experience days, gym memberships, to wellbeing benefits like healthcare cashback plans, and so much more.
We have a strong, clear vision - to be the leading provider of insurance technology software - and our values describe what makes SSP unique and captures the SSP spirit that runs through everything we do.
Respect - Ownership - Collaboration - Innovation - Energy
A CAREER WITH US:
SSP believes the most valuable asset for any business is the people it employs. It is crucial therefore to employ and invest in the best.
At SSP we believe that our diversity makes us stronger. As an equal opportunities employer, we celebrate and support everyone who works for us. We are committed to providing equal opportunities in our working practices and are proud of our inclusive culture.
To apply for the role of Information Security Engineer, please apply via the button shown.
This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.
Other organisations may call this role Cyber Security Engineer, Information Security Consultant, Information Security Analyst, Cyber Security Analyst, IT Engineer, or System Security Engineer.