Job Description
Our client, a global automation technology software manufacturer, is scaling up their UK-based Information Security.
They are looking to hire an experienced Product Security professional to join their team of experienced security professionals focused on securing the business's product and securing against future threats and vulnerabilities.
The Role:
Assume a critical role in overseeing, enhancing, and conveying our security stance, thus fostering continuous security enhancement initiatives throughout the organisation. Active engagement of our engineering and operations teams in establishing security practices as inherent and fundamental aspects of their work. By offering practical guidance, exhibiting thought leadership, and initiating data-driven endeavors, you will champion a continuous improvement ethos in security, bolstering the seamless adoption of our autonomous products.
In this capacity, your responsibilities encompass:
- Crafting a comprehensive security framework that empowers our engineering teams with informed counsel and tangible steps to instill security as an integral part of their development processes.
- Collaborating closely with engineering units to enable them to construct threat models, discern potential risks, and formulate security countermeasures and prerequisites.
- Translating intricate security frameworks, such as CIS Top 18 and NIST CSF, into actionable insights that resonate with our technology teams.
- Operating and evolving our cybersecurity management system, substantiated by data-backed evidence, to demonstrate the security posture of our products to clients and stakeholders.
- Devising streamlined procedures and metrics that expedite the identification and response to security vulnerabilities and incidents through the utilisation of SIEM/SOAR technologies.
- Benchmarking our security maturity across various technology teams, thus identifying opportunities for improvement and gauging our overall security prowess.
- Presenting our security stance convincingly to clients, regulatory bodies, and broader stakeholders to bolster our journey towards autonomous solutions on the road.
Experience Required:
- A comprehensive grasp of information and cybersecurity risks and technologies.
- A recognition of cloud security principles, encompassing platforms like Google Cloud, AWS, or Azure, and an understanding of cloud networking and DevSecOps methodologies.
- Proficiency in key security systems, including Intrusion Detection Systems (IDS)/Intrusion Detection and Response (IDR), data loss prevention, and log management.
- Familiarity with the landscape of infrastructure security threats.
- A track record of leading security-driven continuous improvement initiatives within technology-centric organisations, grounded in data-driven risk management approaches.
- Expertise in adhering to security standards such as ISO 27001, CIS, and NIST.
Offer / Package:
- Base Salary: £80,000 - £90,000
- Company Share Programme
- Remote Working - 1 day per month in the UK office
- Benefits Plan: Pension, Private Medical, Life Assurance, etc.
Applicants MUST be currently residing in the UK and hold a valid UK passport. Unfortunately, applicants outside of the UK will not be considered.