Information Security Manager IT, Applications & Development - Hatfield, Hertfordshire Competitive Salary Our Client are looking for a self-starting individual who can take ownership of the Information Security Control and Risk Landscape within the business. As a greenfield / start-up, the model's definition is new and requires significant input to develop and implement. You will work alongside the Infrastructure and applications teams as part of the overall Information Technology function to define, influence and own the security control landscape. While this role will predominantly be focussed on management of risk and control, their will be occasional requirement to support the organisation technically in the achievement of the control objectives. As a greenfield site, a security control model has been defined but now needs to be delivered. The successful candidate will work with the technology teams to implement these controls, define the operating procedures and take ownership of the end to end security model. Job Duties and Responsibilities Ownership of the overall Information Security Framework and its successful delivery within the organisation Ownership of the information security policy set and their adoption within the organisation Ownership of the security control landscape and its successful operation within the organisation. Ownership of Security incidents and their management within the organisation Ownership of innovations to the organisation's security model. Ownership of the Security Risk Register and its accuracy within the organisation. The identification and alignment with relevant legislative and regulatory frameworks applicable to the organisations operating models and territories. Interfacing with management across the organisation to understand their technology and business process requirements in order to ensure that adequate security is developed and maintained. The identification and management of new risks based on the ever-changing external threat landscape and their appropriate allocation of ownership within the organisation. The management of the organisation's information assets and alignment with appropriate data protection frameworks such as GDPR/DPOv2. The ongoing reporting and KPI development for Information security in order to report its effectiveness within the organisation to the management team. The review of technology & service proposals from the business to ensure that they do not compromise the existing security model and have adequate security built in. The management of the annual Threat and Vulnerability management programme for the organisation. The management of the ongoing Security Awareness and Cultural engagement programme for the organisation. Managing third party security specialists from partners / vendors to aid in the delivery of the overall security programme and its objectives. Management of the security exceptions process, associated risks and violations. Supporting the daily operations and running of the technical teams through advice and information relevant to the business from the external security threat landscape. Management of information security incidents and the associated business impacts. Management of the ongoing Security Monitoring and Alerting programme. Management of the day to day security controls within the estate such as those protecting EUC, Servers, Infrastructure and other aspects of the Organisations attack surface. To undertake other reasonable duties as required by the management team. Person Requirements (Knowledge, Skills, Qualifications and Experience) You will have a minimum of 5 years' experience in an information security focussed role. You will have a technical background in either, infrastructure, applications or EUC including hands on experience and expertise in these area(s). You will have a recognised security qualification such as ISC2 CISSP, CISA or CISM or the equivalent proven experience. You will have prior knowledge of security frameworks such as PCI-DSS, ISO27001, CIS CCFv7, NIST, and will have experience in the delivery and/or management of at least one of them. You will have knowledge and experience of cloud platforms such as Microsoft 365, Azure, AWS & G-Suite and the associated security models available. You will have experience working with and managing the deliverables from third party specialists within the cyber industry such as service providers in the Penetration testing industry. You will have strong attention to detail as well as good written and verbal communication skills You will be able to work autonomously or as part of a team as needed and be able to manage multiple stakeholders at different levels of the organisation often with conflicting priorities. You will be an analytical thinker with proven problem solving skills. If you are interested in this opportunity please apply now! Your CV will be forwarded to Jonathan Lee Recruitment, a leading engineering and manufacturing recruitment consultancy established in 1978. The services advertised by Jonathan Lee Recruitment are those of an Employment Agency.Permanent / Hatfield
Forefront of innovation in the satellite communications industry for two decades, offering to all its stakeholders unrivalled expertise to design, develop and operate state-of-the-art solutions and systems, world-wide. Our portfolio of services and technology know-how covers the entire spectrum of any satellite communication project, from market opportunity sizing and end-user requirements down to ground network development and operations. To both commercial and defence related domains, we also offer unique modular and agile technology to enable a more user-friendly and accessible use of satellite communication resources. Innovation and ingenuity are the guiding principles of anything we do for our customers. Working with e2E requires a high level of dedication and personal motivation, commitment and a drive to continually seek to improve things but the results our Group has consistently achieved over the years, at personal and team levels, are outstanding and make e2E a great place to work. Job Description Our Company works in Satellite Communications systems, for commercial and military customers. We are expanding our team and are seeking a Senior Security Systems Engineer to assist with the security design and implementation of satellite systems and their telemetry, tracking and command (TT&C) networks and component parts; providing advice on the design, procurement and implementation of secure satellite networks, particularly their TT&C systems and cryptographic component parts. Key Responsibilities Establish and/or provide advice on security requirements for satellite systems. Undertake the top-level design of secure satellite communications system architectures. Advise clients on the implementation of Security Policy, Security Management Systems and Security Controls. Carry out security risks assessments of such architectures to establish both the security measures and strength of measures required. Provide advice to clients on the implementation of security measures through technical, physical and personnel means. Provide advice to clients on the design, development and implementation of secure TT&C systems. Provide advice to clients to support the procurement and contract of secure satellite systems. Provide advice to clients on the evaluation and certification of security components. Ensure compliance to appropriate security standards and security evaluation and certification requirements. Support a secure communications study involving the use of quantum techniques for cryptographic key distribution. Attend, and constructively contribute to, meetings with e2E Satcom's customers and partners. Skills, Character and Experience Experience of working as an integral part of a highly focused team Proven ability to take full responsibility for the delivery of critical system components Track record of developing innovative and efficient solutions to defined problems Evidence of being able to work within tight timescale and budgetary constraints Proven ability to produce clear, concise and unambiguous documentation confirming to applicable technical and quality standards Good customer-facing and communication skills with ability to produce and present clear, concise and unambiguous presentations to customers and other clients Essential Graduate with a good Honours or Masters degree in a relevant subject (eg telecommunications, communications security, satellite engineering). Equivalent qualifications and/or experience can be considered as an alternative Practical experience in the application of ISO27001/2 (or equivalent) and implementation of Security Management Systems within projects of various sizes The person will have >5 years of experience of security systems engineering on communications systems System level design and assessment of secure communications networks particularly those that include over-the-air interfaces Good understanding of the evaluation, certification of secure government and military communications networks (and component parts) through, for example, Common Criteria (CC) and the NCSC Assisted Product Scheme (CAPS) Good understanding of cryptographic systems including key management Desirable Chartered Engineer or equivalent Recognised security qualification such as CISSP or CCP Experience of satellite communications systems Experience of satellite telemetry, tracking and command (TT&C) systems. Knowledge of satellite system telemetry and command protocols (e.g. CCSDS) Working with MOD DAIS security teams, knowledge of JSP440, JSP604 Knowledge of quantum communications systems, particularly for secure cryptographic key distribution (QKD) Your CV will be forwarded to Jonathan Lee Recruitment, a leading engineering and manufacturing recruitment consultancy established in 1978. The services advertised by Jonathan Lee Recruitment are those of an Employment Agency.Permanent / Welwyn Garden City
Once again, I just wanted to say thank you for all your support so far with our Head of Credit Risk role. As an agency recruiter for many years my expectations are naturally very high and you always deliver good candidates with an exceptional CV layout which stops me from having to ask multiple questions about salary, skills or location. I value your professional and warm nature in comparison to the aggressive and obtuse way other recruiters speak to me. It goes a long way and is appreciated.
I would like to thank Jonathan Lee Recruitment for the fantastic assistance given to me along my recruitment path to find employment. The communication was great via e-mail and telephone. The guidance you gave was second to none relating to my CV and experience. I received the perfect job description matches from your systems job alerts which I duly successfully applied to. Thank you Jonathan Lee Recruitment...the perfect team!
I just wanted to thank Jonathan Lee Recruitment for the support and enthusiasm they have shown during the whole application process for my new role. It has really helped me a lot and made me wish I could work with people like you more often.
I have been working Jonathan Lee for 9 months on a contract based in Rainham Essex. At the beginning Matthew helped me through all the legal documentation and insurance requirements to be able to undertake the assignment and we have been in regular contact throughout. The assignment itself is great and I am glad to have found this through Jonathan Lee. I would and already have recommended Jonathan Lee to my friends and colleagues to use in the future.