Information Technology Security Officer
Employer: Public Body
Location: East Belfast (Hybrid)
Contract Type: Temporary (PAYE)
Salary: £66,376 pa + HP & Pension
Job Summary
VANRATH are delighted to be partnering a public sector organisation seeking an experienced Information Technology Security Officer. Fantastic and interesting organisation to work for, with some truly meaningful work going on. This is a challenging new post within the Information Systems (IS) Office. The Information Technology Security Officer will lead Information Technology Security functions. This is a key change role within the organisation, supporting and reshaping the provision of information systems and enabling other parts of the business to perform effectively. The successful delivery of information systems in a rapidly changing technical environment presents many strategic, operational and technical challenges to the post holder.
Reporting into the Head of IT, this is a full-time role (5 days per week) for 6 months with the possibility of extension, seen as an excellent opportunity to work in a public sector organisation on impactful projects offering a hybrid working model and good work-life balance (plus free parking and excellent location for walks/public transport etc).
Please see a summary of responsibilities below but a full job description will be provided to shortlisted candidates for review.
Key Responsibilities
As they Information Technology Security Officer, you will:
* Work alongside the Head of IT to develop the organisation’s IT vision, strategy and accompanying action plan and deliver it through a robust programme and project management framework, in line with best practice, to support the continuing digital transformation of the business.
* Identify future challenges in the IT landscape and develop relevant mitigation strategies.
* Research and evaluate existing and emerging technologies, products and services, particularly cloud computing, to identify potential areas of improvement and support new ways of working.
* Provide strategic and authoritative technical advice to the Senior Management Team (SMT) and the Head of IT on matters relating to systems, applications, policies and processes.
* Represent the organisation at external forums and events, building and maintaining effective and constructive external relationships.
* Lead, develop, implement, and monitor a comprehensive technical information security program, including all related policies, standards, and guidelines to protect information assets, especially where changes have been made.
* Provide professional expertise and advice to SMT, senior managers and the Data Protection and Governance Officer to ensure that technical information security adheres to data protection and information security standards, including ISO 27001, NIST, and GDPR (as applicable).
* Lead and define security best practices and align them with organisational goals and compliance requirements.
* Implement technical security controls to systems and lead alongside the Head of IT in ensuring that all team members adhere to the controls.
* Lead the team supporting the daily operations of security systems, such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and SIEM.
* Lead and provide expertise on reviewing and analysing security alerts and logs for signs of potential vulnerabilities, threats, or breaches.
* Lead and coordinate with IS teams to ensure secure system configurations, vulnerability patching, and software updates.
* Lead and support the secure adoption of new technologies from the Microsoft technology stack.
* Lead and manage the team conducting assessments across all (organisational) new technical / data related projects preparing and presenting updates and security risks to the Head of IT and all stakeholders.
* Provide technical security advice and information to ensure internally developed information systems, and new technologies are secure by design, including any changes.
* Other duties include developing and leading staff, risk assessment and incident response, compliance and regulatory alignment, security awareness and training, supplier and third-party management, documentation and reporting, etc.
Essential Criteria
Applicants for the post of ITSO (Information Technology Security Officer) must, by the closing date for applications:
1. Possess at least a Bachelor’s (or higher) Degree in Computing or other discipline relevant to Information Systems / Information Technology, Cyber Security or Network Administration*.
Plus
Have a minimum of 3 years’ experience in each of the areas a) - c) described below:
(a) Working across a multi - discipline technology stack;
* Cloud environments (AZURE / AWS);
* Firewalls (On premise / Cloud services);
* Intrusion Detection / Prevention Systems;
* Security Information & Event Management tools (SIEM);
* Data Loss Prevention (DLP);
* Endpoint Management;
* Networking, Protocols & Vulnerability Management;
* Encryption & Identity Management;
* Policy creation; and,
* Developing and delivering Cyber Security related Training.
(b) Working in roles such as, Security Operations, Incident Response and Investigation, Risk Management and / or Network Security and Architecture.
(c) Working knowledge/experience of information security management systems (ISMS)
AND
Possess a professional certification that aligns with the responsibilities of the role such as Certified Information Systems Security Professional; CISSP, Certified Cloud Security Professional (CCSP)).
OR
2. Have at least 6 years’ experience working in a cyber security role, demonstrating progressive experience in technical and operational aspects of Cyber Security.
Plus
Have a minimum of 3 years’ experience in each of the areas a) -c) described above.
AND
Possess a professional certification that aligns with the responsibilities of the role such as Certified Information Systems Security Professional; CISSP, Certified Cloud Security Professional (CCSP) and have the ability to demonstrate knowledge of information security management systems (ISMS).
*NB only those courses with a computing content of 50% or more will be considered and applicants must give full details on the application form of how the content of the course meets this requirement.
If you are interested in becoming the Information Technology Security Officer at this leading public sector organisation, please click apply or get in touch with JP Rooney at VANRATH.