IT Security Specialist / Consultant
Role purpose
The Security Consultant is a key player in ensuring the security and integrity of our GKN Automotives technical estate. They are responsible for the design, implementation, and management of security measures to protect information assets, as well as IT and OT infrastructure. As a subject matter expert (SME), they will have deep technical knowledge and provides critical support and assurance throughout the project lifecycle, from initial engagement to post-implementation review. They also contribute to Business As Usual (BAU) processes, including change management and software request evaluations. The Security Consultant identifies potential risks, devises strategies to mitigate them, and ensures adherence to industry standards and regulations. Collaborating closely with various teams, they embed robust security practices into both technology and business operations, safeguarding the organisations against evolving threats.
Key responsibilities
Project assurance:
As the security assurance SME, they will lead the integration of security into projects. Provide expert guidance to project teams and business stakeholders, ensuring the development of secure solutions that align with security policy, best practise, and enables business objectives.
Security Design:
Develop, implement, and maintain security designs to protect the organization’s information assets. Design and oversee the deployment of secure solutions across various platforms, ensuring their integration into the enterprise design.
Risk assessment and management:
Conduct comprehensive security assessments to identify vulnerabilities and threats.
Develop and implement effective risk mitigation strategies and plans.
Stay informed about the latest cybersecurity threats and update the organization’s defenses accordingly.
Policy and compliance:
Ensure the organization’s compliance with relevant regulations, standards, and best practices (. TISAX, ISO 27001, NIST, GDPR). Ability to collate evidence and represent artefacts to external auditors.
Technical oversight and guidance:
Provide technical expertise and guidance on security architecture and best practices to IT, cross functional teams and business stakeholders.
Review and approve security configurations and changes to the IT and OT infrastructure.
Support incident management activities.
Collaboration and communication:
Collaborate with IT, development, and business teams to integrate security into all aspects of the organisation’s operations.
Communicate security risks, incidents, and recommendations to senior management and stakeholders.
Continuous improvement:
Stay current with emerging security trends, technologies, and best practices.
Continuously evaluate and enhance the organisation’s security posture.
Participate in industry forums and professional groups to share knowledge and stay informed about the latest developments in cybersecurity.
Skills
Deep understanding of security principles and practices in projects.
Extensive experience and technical depth in either network, application or system security controls in their design and the risks they mitigate.
Experience with data centre transformation programmes and ERP platforms and transformation programmes.
Proficiency in security technologies and tools such as cloud technologies, security technologies, firewalls, IDS/IPS, SIEM, DLP, and encryption.
Understanding of cloud infrastructure ., AWS, Azure, etc.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Ability to work effectively in a collaborative team environment.
Strong project management skills.
Knowledge of regulations and compliance requirements and security frameworks (., TISAX, ISO27001, NIST, CIS, GDPR).
Experience in the automotive industry is advantageous.
Education
Degree or Equivalent Level
Relevant certifications such as CISSP, CISM, are highly desirable.
Experience
At least 5-7 years of experience in information security, with a focus on security design and supporting projects/programmes as the security technical authority.
Proven experience in conducting risk assessments and developing security policies.
Experience in managing and implementing security technologies and solutions.
Demonstrated ability to communicate security concepts and risks to both technical and non-technical audiences.
The latest news, articles, and resources, sent to your inbox weekly.
We are looking for a Cyber Security Specialist to join the team of a well-established organisation on a permanent basis in the heart of Birmingham. This role is offering hybrid working, career progression and a great opportunity to gain more experience in this sector.Cyber Security SpecialistMon- FriBirmingham based (hybrid working)Permanent£63000k...
Niyaa People Birmingham
Security Controls SpecialistPermanent Salary: £43,000 to £58,000 (DoE)Location: EdinburghWorking Arrangement: Hybrid - 2-3 days on siteThis role has an on-site requirement in Edinburgh every week, please only apply if you can commit to this travel.Sponsorship is unavailable for this role.Your new company:I'm currently looking for muliple security controls specialists to...
Edinburgh
IT Security Support Specialist - Remote - Up to £60,000The IT Security Support Specialist is responsible for monitoring, maintaining, and escalating security issues within the operational IT environments that support the business. This position reports to the Technical IT Security Support Specialist and will assist with the efficient administration of...
Newcastle upon Tyne
IT Security Analyst - Basingstoke HQ - Up to £45,000The IT Security Support Analyst is responsible for monitoring, maintaining, and escalating security issues within the operational IT environments that support the business. This position reports to the Technical IT Security Support Specialist and will assist with the efficient administration of...
Basingstoke
Job Title: Privileged Access Management (PAM) SpecialistLocation: Manchester (hybrid)Salary: £40,000 - £60,000About Us:We are a leading organization committed to providing innovative security solutions. As part of our ongoing growth, we are looking for a skilled and motivated Privileged Access Management (PAM) Specialist to join our dynamic IT security team. This...
Manchester
Security LeadLocation: Remote/LondonSalary: up to £75,000 DOEThis role serves as the central point for security, setting the strategic direction for IT security across the organization. The ideal candidate will safeguard customers and employees, ensure smooth daily operations, and influence the internal IT landscape.Key Responsibilities:Develop and implement IT security policies, procedures,...
City of London
