Senior Information Security Engineer
- Bristol / Remote, Avon
- Posted 15th November 2021
- £45,000-50,000 p/a + Excellent Benefits & Remote Working
- Ref: RC6108
Senior Information Security Engineer required by market leading, award winning financial services organisation in Bristol. The role will be split 3 days onsite and 2 days remote per week with some flexibility. The Senior Information Security Engineer will assist in maintaining all domains related to the risk of confidentiality, availability and integrity. These domains include our clients Information Security processes for Incident Management, Digital Fraud, Cyber Security, Governance, Risk Management, Risk Reporting, Continuity Management, and other essential services.
- Support the CISO in the execution of their duties and appropriately represent them within the business in providing effective guidance, assurance and oversight.
- Report and deliver Information Security & Cyber Risk Assurance activity consulting with management to formulate and agree effective solutions to any identified shortfalls.
- Provide input to the continuous development and improvement of the risk review methodology and approach within the Technology department, and wider business.
- Review relevant customer and supplier processes and systems, complete any questionnaires, surveys, or audit requirements, making any recommendations and challenge to business owners on areas for development / improvement.
- Ensure the timely completion of risk reviews, permanent supervision controls, security reporting, audit action plans, risk acceptance documents, application security assessments and any other assurance activities as required.
- Undertake quality assurance of the services provided by the Information Security department via a variety of techniques, including sample checking, analysis of MI and reporting.
- Oversee the production of monthly detail management information within the team and appropriate commentary that is then fed into management meetings and committees.
- Perform the legal and regulatory watch requirements for Information Security.
- Experience of working within an Information Security and/or Cyber Risk function, specifically with experience of Security Assurance or Governance Risk and Compliance (GRC).
- Proven knowledge and experience of Industry Standards and best practice e.g., ISO 27000 series, NIST Cyber Security Framework.
- Knowledge of risk management frameworks and methodologies.
- Excellent presentation, written, verbal communication and interpersonal skills.
- Good understanding of GDPR, and Data Protection.
- Experience of leading and co-ordinating internal and external audits.
- Experience of implementing or delivering Security awareness and education.
- Ability to think at a strategic level.
This fantastic role comes with a basic salary to £50,000 p/a and is accompanied with a generous contributory pension scheme including Critical Illness, 25 days holiday, in addition to Bank Holidays, volunteering days, flexible working options available, free parking, study Leave where applicable, enhanced parental leave, Occupational Health Programme, introduction bonuses for referring an Employee or Customer, access to Learning / Training and EV charging points, bike storage, shower & changing facilitates to name but a few.
Apply for this Vacancy
If you’re not keen on the above role but would like to submit your CV for future reference by out specialist recruiters, simply complete the 'Register' form above. We will be in touch with any vacancies matching your experience.