Key Responsibilities:
Identity & Access Governance:
- Oversee a program aimed at reviewing and enhancing our internal Joiner, Mover, Leaver (JML) processes before engaging in the market for an IAG solution.
- Leverage your expertise in delivering enterprise-scale IAG solutions such as SailPoint, Entra, and OneIdentity.
- Design and implement a robust role-based access service.
Data Governance:
- Lead initiatives to refine our data governance and handling processes ahead of Microsoft Purview implementation.
- Utilize your experience in delivering Data Loss Prevention (DLP) and comprehensive data governance solutions.
What We're Looking For:
Essential Skills:
- Extensive experience delivering security within IT infrastructure, from requirements gathering to detailed design stages, ensuring solutions align with business risk appetite, standards, and regulatory requirements.
- Proven track record with Microsoft Purview, DLP, and Data Governance, with a preference for those with Identity Access & Governance experience.
- Capability to support and occasionally stand in for the Lead Security Architect, contributing to the IT security strategy and service delivery.
- Ability to provide advice and guidance to colleagues and the business, ensuring secure solutions are developed in line with technical governance processes, policies, and standards.
- Experience in applying security standards and assessing risk and compliance for large-scale solutions (e.g., 5000+ endpoints).
- Proven ability to implement security infrastructure solutions, ideally including SIEM, Access Governance, SASE, or Endpoint Protection.
- Strong understanding of information security standards such as ISO 27001, ISF, and NIST.
- Familiarity with OWASP and CIS industry security guidance and their application within the enterprise.
- Experience with risk assessment frameworks and the Cyber Assessment Frameworks, ensuring systems and services meet security requirements.
- Ability to identify and assess business and technical security requirements, including associated risks and potential weaknesses.
- Expertise in applying confidentiality, integrity, and availability (CIA) triad controls to meet regulatory requirements.
- Skilled in reviewing vulnerability and penetration test reports, providing guidance on necessary remedial actions.
- CISSP (Certified Information Systems Security Professional) certification or equivalent preferred.
Desirable Skills:
- Experience in the Utilities industry is a plus.
This role is Inside IR35.
6 Month contract (View to be extended)
£650-£750p/day
Hybrid (2/3 times per month on site)
If you are interested in this role, please don't hesitate to get in touch ASAP. This client is looking to move very quickly.