Job Title:
IT Security Engineer
Role Purpose:
* Develop, secure, and maintain the network infrastructure to support business demand. Ensure the security, integrity and high-availability of the network and infrastructure providing a stable, reliable and secure network
* Ensure network defences are current and effective in protecting not only external perimeter but data and systems be they internal or external
* Support the IT Security Manager and IT Departments in the assessment and implementation of technologies, policies and procedures to safeguard data and IT assets.
Area of Responsibility
Key Activities
* Keeping up to date on IT Security trends, IT Security risks and processing innovations and their application to the security of the company's business systems.
* Maintaining knowledge of relevant technical security systems and professional certifications.
* Monitor compliance to IT security policy
* Monitor security of the network
* Govern the patching, vulnerability management and hardening of infrastructure
* Be knowledgeable and up to date on emerging technical threats tand update the IT Security Manager and IT Divisions accordingly
* Develop appropriate Cyber Security risk reporting KRIs / MI and reporting via formal governance frameworks for the IT Security Manager
* Monitor and track all remediation tasks arising from such audits/reviews
* Support or act as a focal point for IT security investigations as required
* Recommend courses of action for remediation and prevention of reoccurrence in response to an IT security incident
Knowledge and Skills
Essential Qualifications Desirable Qualifications
Applicable security certification (or equivalent professional experience) required e.g. CISSP, MSc in Information Security or related field or equivalent qualification or work related experience
At least 5+ years in a similar IT security role
ISO2700x
ISACA's CISM / CISA
CISSP
Technical Knowledge & Experience Business Knowledge & Experience
* Minimum of five years' experience in MS server platforms and/or UNIX
* Communications and Internet protocols
* Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation
* Router, switch and VLAN security
* Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
* Security policies, standards and implementation
* Internet technologies, including TCPIP, HTTP and FTP
* Microsoft products e.g. Exchange, OWA, SQL Server
* Oracle or SQL databases
* Remote access and VPNs
* Computer forensics
* Application security assessments
* Payment Card Industry (PCI) Data Security Standard (DSS) audits
* Possess sound business security awareness and ability to develop security project methodologies and service offerings
* Practices and methods of IT strategy, enterprise architecture and security architecture
* Network security architecture development and definition. Knowledge of third party auditing and cloud risk assessment methodologies
Morgan McKinley is acting as an Employment Agency in relation to this vacancy.
Please note that any references to salary or pay rates in this advertisement and in the salary refinement section are indicative only and should only be used as a guide.
Email me jobs like this
