Job Description
Key Responsibilities: Develop and Implement Security Best Practices: Spearhead company-wide cybersecurity initiatives, covering critical areas such as cloud security (Azure & AWS), threat management, data loss prevention, access control, cryptography, and physical security. Cloud Security Controls: Provide expert guidance in securing cloud infrastructures, implementing robust security controls for Azure and AWS environments. Compliance & Regulatory Assurance: Assess both technical and organizational security measures to ensure compliance with relevant regulatory frameworks, addressing deficiencies and implementing remedial actions as needed. Policy Development & Maintenance: Craft, update, and enforce comprehensive information security policies, standards, and procedures to align with the latest industry standards. Proactive Security Enhancements: Drive continuous security improvements by evaluating current trends, forecasting future needs, and recommending cutting-edge technologies to mitigate risks. Incident Response Management: Oversee the security incident response process, from planning through execution, including tabletop exercises to ensure preparedness. Vulnerability Management: Lead vulnerability assessment efforts, manage external penetration tests, and coordinate remediation strategies for infrastructure and web application vulnerabilities. Security Awareness Training: Manage and enhance the company's Security Awareness Program to ensure all staff are knowledgeable about security best practices. ISO 27001 Compliance: Ensure adherence to ISO 27001 security controls, maintaining accreditation and spearheading audits. Continuous Learning: Stay ahead of the latest developments in cybersecurity through educational workshops, publications, and ongoing professional development. Skills and Qualifications: Educational Background: Bachelor's degree in Computer Science, Information Security, or a related field. Experience: Minimum of 4 years in a hands-on information security role. Possession of security certifications such as CISSP, CISM, CEH, CCSP, CSA+, ECIH, GIAC, or ISO 27001 preferred. Framework Knowledge: Strong understanding of industry-standard security frameworks such as ISO 27001, NIST, CIS, PCI-DSS, and CSA. Cloud Expertise: Proven experience implementing security controls in AWS and Azure cloud environments. Analytical Skills: Sharp attention to detail, with the ability to analyze trends and spot potential security threats. Communication Skills: Excellent written and verbal communication skills, capable of simplifying complex technical concepts for non-technical audiences. Team-Oriented: Self-motivated with the ability to work both independently and collaboratively. Leadership & Influence: Strong leadership abilities, with the capacity to influence and engage stakeholders across all levels of the organization. Morgan McKinley is acting as an Employment Agency and references to pay rates are indicative. BY APPLYING FOR THIS ROLE YOU ARE AGREEING TO OUR TERMS OF SERVICE WHICH TOGETHER WITH OUR PRIVACY STATEMENT GOVERN YOUR USE OF MORGAN MCKINLEY SERVICES. Skills: CISSP CISM CEH CCSP CSA+ GIAC ISO 27001