As a Senior Information Security Specialist, you will be focusing on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely.
The team deals with the security of closed source, open-source, and in house written applications. The objective is to ensure that systems and services are built with privacy and security by design.
You will be working with colleagues in other teams, specifically development, to confirm that application based vulnerabilities are understood and mitigated. This is done from a security assessment point of view rather than code QA and so your code reading skills will be needed.
The team comprises of graduates to time served engineers with backgrounds as developers and security professionals with penetration testing capability. Main Responsibilities:
Preferred Skills and Experience:
- Taking a lead role in the project process to ensure Information Security aspects are considered upfront and throughout the project lifecycle.
- Undertaking vulnerability and controlling penetration testing.
- Overseeing daily security operational processes acting as an escalation point where necessary.
- Responding to, and reporting on, system alerts from various monitoring technologies.
- Developing a thorough understanding of the business and supporting more junior members of the team.
- Liaising with the business to ensure Information Security requirements within jurisdictions in which we operate are complied with.
- Creating technical documentation.
- Taking an active role in audits.
- Maintaining knowledge of developments in security technologies and their applications.
- Excellent understanding of general principles, practices, and technologies of Information/Digital Security.
- Excellent understanding of technology functions as they relate to Information Security, including the development of technical standards and procedures.
- Understanding of Network Infrastructure and Network Engineering topics..
- Experience in a technical support or operations environment.
- Understanding of industry-standard Information Security practices.
- Awareness of PCI DSS current version.
- Excellent communication and documentation skills and high attention to detail.
- Excellent organisational skills with the ability to work to deadlines.
- Pragmatic approach to the administration of governance and risk.