Cyber Security Specialist required by our market leading, award winning, professional services organisation on a hybrid basis. This role can be based out of either London or Bristol with 1-2 days a week onsite with flexibility.
The successful Cyber Security Specialist will have a deep understanding of security tools and tooling, architecture, control frameworks, and the ability to drive security initiatives across the business.
Main Responsibilities:
- Develop and maintain a roadmap for security technology adoption and improvement.
- Oversee the implementation, management and tuning of security applications and tools.
- Ensure effective integration of security applications with IT infrastructure.
- Provide technical expertise and support for security application usage.
- Develop and maintain a comprehensive cybersecurity architecture aligned with business objectives and industry best practices.
- Conduct risk assessments and identify security gaps, proposing and implementing mitigation strategies.
- Ensure the integration of security controls into system and application designs.
- Collaborate with cross-functional teams to identify and address security risks.
- Communicate complex security concepts to technical and non-technical stakeholders.
- Support development of security awareness training and guidance to employees.
- Apply project management principles and best practices to plan, execute, and monitor security projects.
- Ensure alignment of security objectives and requirements with project scope, budget, and timeline.
- Manage project risks and issues and communicate project status and progress to relevant stakeholders.
Required Background:
- Advanced understanding of encryption algorithms, key management, and PKI.
- Expert knowledge of network protocols (TCP/IP, UDP), firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network segmentation.
- In-depth understanding of operating systems (Windows, Linux), system hardening, vulnerability assessment, and secure coding practices.
- Expertise in application security principles, threat modelling, secure coding, and web application firewalls (WAFs).
- Comprehensive knowledge of authentication, authorization, single sign-on (SSO), and identity federation.
- Ability to design and implement secure architectures for various systems and applications.
- Knowledge of programming and scripting languages.
Qualifications (Nice to have):
- Relevant industry certifications (e.g., CISSP, TOGAF, CCSP).
- Experience in cloud security and security automation.
This fantastic role comes with a very competitive annual salary which includes an annual review. On top of the bespoke training package, comes with the following benefits: A 10% annual bonus, remote working, annual salary review, 25 days holiday (which will increase to 30 days based upon length of service), private medical insurance, pension and many more.