*This role sits inside IR35*

Responsible for:

Ensuring company adheres to security best practise and protects its data and services to a high standard. Ensure all security accreditations are adhered to and maintained.

Key Purpose of Job

To provide technical expertise in the security of the infrastructure, incident management and update policies as required, in agreement with the IT Security Manager. Ensure continuous improvement of all systems and processes.

Key Tasks

SIEM Administration: Monitor and manage Security Information and Event Management (SIEM) systems.

Firewall and Proxy Audits: Audit firewall and proxy configurations, coordinating necessary changes with the Infrastructure Team.

Incident Management: Participate in the Cyber Security Incident Response Team (CSIRT) for incident readiness and handling.

ISO 27001 Compliance: Ensure all business processes adhere to ISO 27001 standards and support audits.

Security Alignment: Ensure alignment with security accreditations and Airbus directives.

Risk and Compliance Management: Maintain risk management processes and ensure compliance with relevant standards.

Project Security Requirements: Ensure all projects identify and address security requirements and follow Secure by Design principles.

Business Security: Work alongside business teams to understand their workflows and identify areas where security can be embeded. Create and implement security protocols and guidelines tailored to their business processes.

Threat Research: Stay updated on the latest security threats and mitigation strategies.

Penetration Testing and Audits: Arrange and oversee penetration tests and security audits.

Policy and Procedure Management: Keep security policies and procedures current and effective.

Risk Assurance Documentation: Produce and maintain risk assurance documentation.

Staff Education: Lead security education initiatives, including advisories, awareness programs, and best practices.

Change Documentation: Document all changes thoroughly.

Perform other tasks as directed by the IT Security Manager.

PERSON SPECIFICATION (essential requirements)

Qualifications

• Degree in Computing or equivalent
• MCSE, CCNA an advantage but not necessary

Experience

• Proven experience in a security or data analysis role
• Experience using Splunk (or similar SIEM)
• Experience with ISO 27001 compliance
• Experience in Risk Management

Knowledge & Skills

• In Depth Knowledge of Microsoft operating system
• Knowledge of securing cloud environments, such as Azure or AWS
• Knowledge of Splunk ES would be an advantage
• Ability to talk to a variety of audiences at all levels
• Team player with good communication skills
• Competent troubleshooting skills
• Ability to work under own initiative and in a busy environment

Able to demonstrate company mindsets; accountability, one team, customers and projects rule