Information Security Lead - CISSP - AWS - Cloud - PCI DSS - £70k

Mackenzie Wayne Limited
£70,000 + Bonus
31 Oct 2017
16 Nov 2017
Contract Type
Full Time

Information Security Lead - CISSP - AWS - Cloud - PCI DSS - £70k - London or Luton

This Globally respected Travel & Tourism organisation is looking for an Information Security Lead to be based in their Luton or London office, responsible for providing information security assurance for this organisations Group function. The team is expanding and this is an exciting opportunity to be part of a dynamic and growing function. The InfoSec Lead is primarily operational security, The Information Security Lead will spend 60% of their time managing the live service from a security perspective; the other 40% will involve being reviewing and assuring up-and-coming projects.

The Info Security Lead shouldn?t need much guidance and will be up to speed with Cloud, AWS, DevOps. This role's balance is of someone who?s hands on rather than from a pure governance background. They don?t need to be an architect but more a security ?generalist?. The Information Security Lead must have strong communication as they will need to talk to senior stakeholders. Experience of SaaS service, AWS and big data platforms would be advantageous and ideally a background in a FTSE 100 or FTSE 250 company would also help. The Information Security Lead will need to be able to cover all bases from an operational perspective.

The InfoSec Lead will be accountable for the following:

  • Ensuring day to day security controls are in place,
  • Deal with the running of anti-virus,
  • Make sure the right teams have the right access,
  • Running and reviewing vulnerability reports,
  • Deal with patching,
  • Managing any operational security risks.
  • Deal with gate keeping into production.
  • Ensure that any services going live have been reviewed and tested for security;
  • Ensure the appropriate processes are in place
  • Review data security reports and implement action plans, for instance firewall rules, patching reports, etc
  • Be the ?go to? person for support teams and third parties to seek clarity/guidance with regards security questions and this organisations standards/policies
  • Own and manage major security incidents

The Info Sec Lead's skills should include but are not limited to;

  • Experience performing information security governance of projects in a formal project lifecycle
  • Experience performing privacy impact assessments
  • CISSP or equivalent qualifications
  • Experience managing penetration testing engagements using 3rd Parties
  • Experience of Prince2 methodologies
  • Effective communication, influence and stakeholder management skills
  • Ideally good experience with PCI DSS in a large retail organisation

This job was originally posted as