Senior IT Security Officer

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Job Description

Salary: Base salary: £38,550pa to c.£45,350pa depending on skills and experience. In addition, we offer flexible benefits fund of 15% which is paid on top base salary and is fully pensionable, as well as a range of competitive benefits - check them out in the Benefits section on our website.

HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential. In practice, this means we are positive and inclusive about making adjustments, providing flexible working, encouraging our staff networks to flourish and providing personal and professional development opportunities.

As a Senior IT Security Officer at HS2 the key responsibility is the effective management of the Identity & Access Management (IAM) pillar within the IT Security, Compliance & Identity function. This role covers standards, processes, and technology within the IAM remit. This role is responsible for using and applying knowledge of business goals and security requirements to frame problems and set priorities for internal and external delivery teams.

About the role:

• Lead the Management & Strategy of the Directory Services capability with Product Owner. Manage and lead delivery across Azure Active Directory (Entra ID) and Active Directory, acting as the Product Manager for these technologies.
• Support, facilitate, oversee, and quality check of data assurance processes and controls across IAM; inclusive of support of the automation strategy and audits.
• Facilitate health and performance processes of the Directory Services capability.
• Lead and manage the authentication and authorisation capability; determining and delivering requirements, controls, and technology to provide value and reduce risk.
• Lead the creation and maintenance of IAM standards procedures, and documentation (including playbooks and guidance).
• Responsible for improving application compliance to the IAM policies.
• Deputise for the Lead Security Manager (IAM).
• Direct the day-to-day activity of our MSP who will deliver IAM capabilities (on HS2's behalf).
• Develop, maintain and test IAM incident management and BAU procedures, investigating and evolving our capabilities to provide lean delivery & resolutions.
• Responsible for IAM risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts to ensure that identities remain secure.
• Responsible for the design, delivery, maintenance, and continuous improvement of HS2 IAM capabilities in line with business needs.
• Support and help manage the Identity security permitter, whilst enabling low friction onboarding / offboarding.
• Mentor members of the Team on Domain Services, Authentication, and Authorisation.
• Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams.
• Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.

About You:

Skills:

• Relationship Building: Ability to develop and maintain strong relationships with internal and external stakeholders.
• Product Management: Ability to manage and develop products or services through their full lifecycle from inception, growth, maturity, decline to retirement with the Product Lead/Manager.
• Data Analysis: Able to interrogate and analyse large volumes of data across multiple data types and structures to inform and resolve.
• Problem-Solving: Strong proactive and problem-solving ability tackling challenges, able to bring solutions to problems when foreseen or arise.
• Framework Management: Ability to maintain, challenge, and produce frameworks to support the IAM capabilities.
• Supplier Management: Ability to align organisation objectives with supplier activities, and balancing costs, efficiencies and service quality.
• Emerging technology monitoring: Ability to identify and assess new and emerging technologies, products, services, methods and techniques.
• Options: Production of option paper as and when required to enable reduction of risk and improved security posture.

Knowledge:

• Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile.
• Knowledge across a wide spectrum of IAM capabilities (E.g. Security groups, JML, IGA, PAM, RBAC etc).
• Knowledge of Microsoft IAM capabilities. Awareness of broader security principles: E.g zero trust, firewalls, proxies, risk management, compliance, security operations.

Types of Experience:

• Experience managing domain services, including Active Directory AD & Azure Active Directory. Experience with authentication and authorisation across Cloud/On-Prem with protocols such as LDAP, SAML, OAuth, and MFA; with proven experience of implementation of SSO.
• Experience with PowerShell and automation.
• Experience designing and implementing secure systems, leading review where necessary of complex security issues.
• Experience of supporting and informing risk-based decisions.
• Experience dealing with the security implications of transformation and day-to-day product changes.

The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity and Respect.

It is expected that you will actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI.

As HS2 Ltd do not hold a sponsorship license from the Home Office, we are not able to provide sponsorship to any applicant. Applicants must already have the Right to Work in the UK at the time of application and our process involves a Right to Work validation prior to the interview stage. Note, there are certain types of time-bound visas that we cannot accept.

Any offers made to applicants will be subject to satisfactory completion of pre-employment checks which include Nationality & Immigration Status, employment references, DBS, Financial and Education checks.

We ask for a variety of detail in your online application; however, we perform the first assessment of suitability for a role based solely on the information in your CV. In a further development of our efforts to create a more diverse workforce, your CV will be anonymised and personal information will be removed during the first stage of the application review. This removes bias from the process and makes it even more important that you attach an updated word version of your CV for each new application ensuring you include evidence directly related to the criteria in the job advert.

Any applications received after the closing date will not be considered.

About Us

High Speed 2 (HS2 Ltd) will be the UK's new high speed rail network. As well as improving capacity, the new scheme will shorten journey times between a number of Britain's major population centres, boost the economy and create thousands of jobs.

HS2 Ltd will create a skills legacy and develop a diverse range of talent. We aim to be a leader in EDI practice by creating a safe & inclusive working environment for all our staff - living our values of Safety, Respect, Integrity and Leadership.

HS2 Ltd is also a safety-critical organisation. Employees are required to ensure reasonable care of their own and others' health and safety by taking personal responsibility for working to our 'Safe at Heart' programme principles and following safe working procedures at all times.

HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential.