Senior Information Security Specialist
Permanent Salary: Between £57,000 - £69,000 plus business performance quarterly bonus
Harrogate, North Yorkshire
Working Arrangement: Hybrid - mostly in office working
Your new company
I'm currently looking for an information security specialist to work for an esteemed Yorkshire FMCG organisation in a holistic Information Security role which will see you involved in areas of Governance, Risk and Compliance, Cyber Defence and assisting their Managed Service Security Provider to an extent on operational cybersecurity.
This role is mainly on site in Harrogate, North Yorkshire with flexible working offered and limited hybrid working.
The ideal candidate will be a seasoned security professional with a demonstrable background in the GRC space, a practical understanding of some of the core security frameworks (NIST, Cyber Essentials +, ISO27001), and a level of understanding of core security analysis tools (SIEM, IAM/PAM, Firewalls, EDR, Vulnerability scanning tools etc).
Your new role will involve
- Assisting with the implementation and enhancement of the security strategy as set forth by the Head of Cyber Security
- Working with all areas of the business and building relationships with colleagues to gain a better understanding of wider business functions, their security requirements, and how best to coach employees on security principles that are applicable to their operational needs
- Assisting with ensuring adherence to ISO27001 and other standards such as NIST and Cyber Essentials + where suitable
- Assisting with security initiatives and implementations
- Working alongside the Managed Service Security Provider, assisting with security operations where required, but mostly acting as the liaison between the MSSP and the business
- Providing informed advice on security initiatives set out by the Group Head of Cyber Security
- Overseeing the remediation of vulnerabilities raised by MSSP penetration tests, producing supporting documentation (risk ratings and updating risk register)
- 3rd party and internal risk management
- Maintaining a contemporary knowledge of current threats and cyber trends
- Assisting in the identification and support of 3rd party compliance requirements
What you'll need to succeed
- A strong information security (audit, governance, risk and compliance) background
- Experience working with 3rd party suppliers and MSSPs on the enhancement of organisational security
- Some technical cyber experience (utilisation of SIEM/Vulnerability/IAM tools)
- Excellent communication skills alongside a proactive and business solution-focused mindset
- Thorough understanding of, and practical application experience of, commonplace security, risk and compliance frameworks (NIST, ISO27001, CE+)
- Experience of working cross-functionally across IT, Transformation, GRC, audit and security operations teams
- Experience providing security advice over a variety of projects
- Strong Governance Risk and Compliance (GRC) knowledge, understanding and skillset
What you'll get in return
- Between £57,000 - £67,000 per annum
- Quarterly bonus based on business performance
- Up to 25 days holiday plus public holidays
- Access to Private Medical Insurance
- 5% Employer Pension Contribution
- 4 x Life Assurance
- Free meals and drinks on site
- Free on-site parking
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk