Enable job alerts via email!

Lead Engineer - TISO, Risk Assessments

SYNAPXE PTE. LTD.

Forfar

On-site

GBP 70,000 - 90,000

Full time

7 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading company in Scotland is seeking an experienced IT Security Consultant. The role involves guiding the Business Services Group in compliance with IT security policies, performing risk management, and conducting security assessments. Ideal candidates will have over 12 years of experience in various IT security domains and relevant certifications. Strong interpersonal skills and the ability to work independently are essential.

Qualifications

At least 12 years of IT security experience across various domains.
Professional certifications like CISSP, CISM, CISA are advantageous.

Responsibilities

Provide guidance to ensure compliance with IT security policies.
Perform security risk management and vulnerability assessments.
Conduct independent assessments of technical security controls.

Skills

Risk Management

Cloud Technologies

Data Protection

Interpersonal Skills

Stakeholder Management

Communication

Education

Degree in Computer Science

Degree in Information Systems

Degree in Engineering

Tools

AWS

Azure

Google Cloud

Provide guidance to Business Services Group (BSG) in ensuring that projects/systems comply with Company’s IT security policies and the relevant legal and regulatory frameworks (such as PDPA or Cybersecurity Act) throughout the projects/systems lifecycle
Perform security risk management, including identification, assessment and provide treatment of security risks associated with systems handled by Business Services Group. Risk assessment must be performed in accordance with the Company’s cybersecurity risk management framework
Provide guidance to Business Services Group related to vulnerability assessments, source code review and penetration testing so that remediation actions can be undertaken by Business Services Group within the agreed timelines
Provide security consulting and advisory to Business Services Group
Review RFP proposal compliance with security requirements
Review architecture design developed by Enterprise/Solution/Security Architect
Perform cybersecurity assurance activities across the different stages of SDLC
Evaluate risks related to third-party vendors, products and identify mitigating measures
Perform independent assessments of the technical security controls implemented within the projects/systems to determine the overall effectiveness of the controls
Review and propose improvements to IT security policies, framework, standards, procedures and best practices
Degree in Computer Science, Information Systems, Engineering or equivalent
At least 12 years of IT security experience in more than one of the following: security governance, risk management, application security design, security project management, security operation, cloud security technologies, network access, identity, governance and access management, privileged access and identity management, security information and event management
Strong risk management principles, risk articulation skills, cloud technologies, network security, data protection
Knowledge of cloud platforms such as AWS, Azure or Google cloud is desirable
Professional security certification such as CISSP, CISM, CISA, CCSP, CRISC or other similar security certifications are advantageous
Self-motivated with the ability to work independently with minimal supervision and willingness to listen
Strong interpersonal and stakeholder management skills with good written and verbal communication skills