Cyber Security Technical Specialist
Laing O'Rourke, Crossways, Dartford
Cyber Security Technical Specialist
Salary not available. View on company website.
Laing O'Rourke, Crossways, Dartford
- Full time
- Permanent
- Onsite working
Posted today, 22 Dec | Get your application in now to be one of the first to apply.
Closing date: Closing date not specified
job Ref: e6b59ec09cff4e9f87a8ec71cb7c4230
Full Job Description
- Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the business.
- Focused on day-to-day operational tasks and maintenance of core Cyber Security infrastructure service platforms, including but not limited to:
- Manage and administer the Privileged Access Management (PAM) platform, including user access, permissions, audits and configurations.
- Collaborate with IT and business teams to integrate and expand PAM controls into existing systems and applications.
- Manage and administer the Application Control platform, including policy configuration, rule creation, and software whitelisting/blacklisting to prevent unauthorized software installations and executions.
- Collaborate with IT teams to integrate Application Control mechanisms into existing systems and processes.
- Work with cyber analysts and engineers to maintain and optimise other cyber security platforms and tools to improve performance and end-user experience. These include, but not limited to endpoint detection and response, network intrusion detection, patch management, web filtering and email security gateways.
- Develop processes and procedures to manage, monitor and improve performance, reliability, recovery, capacity and user-experience of cyber security controls
- Work with IT stakeholders to implement and test cyber security controls to ensure compliance with DR and BCP policies and scenarios. Working with the Cyber and Infrastructure Engineering team to form SME relationships To implement security best practices as directed by the Cyber Security Tech Ops Lead, Cyber Security Architect and Engineering teams. Ensure knowledge and information are documented and passed to the relevant Service delivery teams. Researches and assesses new threats and security alerts and recommends remedial actions. Play an active part in responding to and resolving security incidents (Prepare, Identify, Contain, Remediate, Recover). Work with key suppliers, partners and vendors to drive maximum value and security benefits from security services and solutions. Work with Cyber Security leadership to develop plans to enforce security requirements and address identified risks. You will need knowledge of Infrastructure and Cyber Security principles being able to create and develop operational process. Part of the role is to develop and maintain technical documentation, procedures, guidelines, and training. This means keeping a service management mindset to provide support and guidance to IT teams for best practice. Do you have experience in Security Incident Management tools (SIEM)? How about demonstrating excellent knowledge of security technologies, enterprise systems and cloud solutions? The join our Cyber Security team and showcase your knowledge of regulation standards, compliance and governance.
- Around 5 years+ experience in IT including circa 3 years in an operational environment
- Knowledge of best practices of IT security hardware and software, security suites, identity and access management, and encryption.
- Experience in configuring and managing PAM solutions in enterprise environments.
- Familiarity with identity and access management (IAM) principles, including role-based access control (RBAC) and least privilege.
- Strong understanding of Application Control concepts, tools, and technologies (e.g., whitelisting, blacklisting, application allowlisting). Experience in configuring and managing Application Control solutions in enterprise environments preferred.
- Understanding of security frameworks such as NIST, CIS Controls, or ISO 27001.
- Formal industry recognised Cyber Security qualification such as ISC2 CISSP, ISC2 CISM or Certified Ethical Hacker (CEH) (desired).
- Security and Network technology experience. The position will required time in our Dartford office, due to the nature of the work and sensitive sites we work on, this is an office based position. Need flexibility? Talk to the team about your current circumstances.
Are you skilled with Privilege Access management, Application Control and Data Loss Prevention solutions? The we need you to help optimise performance and ensure compliance to our cyber security certification requirements. This position requires a deep understanding of security protocols, risk management, and the ability to proactively identify and mitigate potential threats to the business, whilst delivering cyber security with a service mindset. You will work closely with cross-functional teams from infrastructure and network support analysts across the business units to ensure the integrity and security of our applications and data.,
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East and Australia.