This global fashion retailer is distinct from other companies in their approach to technology. They are heavily investing in technology and looking to expand their digital platforms, and now seeking an experienced Information Security Engineer to join a growing area of the technology department.
You will have an opportunity to have a real impact on the business. This role will be the most senior hands-on Security position within the business, and you’ll get the chance to advice and influence on incident and response strategy. You will also be expected to be the Information Security SME on several areas. We are looking for an analytical individual who can lead and influence others. Being a focal point for InfoSec within the Service Delivery and Operations team, you will ensure all Information Security risks are properly considered and have a track record of investigating and alerting infrastructure teams of all security risks. The role will be one that grows over time and will offer the successful applicant the chance of true career progression.
- SIEM experience
- Experience of managing technology
- Understanding of digital forensics essential.
- Experience of Intrusion Prevention and Detection Systems.
- Experience of managing penetration testing and vulnerability testing
- Strong technical and process skills relevant to information security area which cover; Perimeter, Network, Infrastructure, Endpoint, Application, Data, Wireless
- Cloud Security specifically around Public APIs and serverless tooling.
- Responsible for design and specification of new security and technical upgrades
- Security incident response experience. (testing, improvement, maintenance and smooth running of the InfoSec incident response plan)
- Liaison with Regulatory bodies, Internal and External Audit as required.
- Consultation on any new business ventures where Security advice needed.
- Understanding of IP networking protocols and distributed systems essential.
- Understanding of attacker tools, tactics and procedures is essential.
- Knowledge of configuring and implementing common technical security controls essential.
- Understanding of enterprise digital environments and distributed technology stacks essential.
- Experience of implementing frameworks such as the CIS SANS CSC, NIST or ISO27001/2 beneficial.
- Knowledge of regulatory requirements such as PCI-DSS, DPA and the GDPR are essential.
The next steps
If this sounds like the next challenge for you and you’d like the opportunity utilize your expertise whilst working alongside like-minded technologist, apply to the advert or if you want to know more detail please get in touch.