Security Lead (Global) | Software, Infrastructure & Compliance | Remote

This manufacturing giant that is growing its global base and they are looking for a Group IT Security Expert to be a centralized function to manage the security environments. Your main goal is to optimize this essential cornerstone of the company. Work in close collaboration with the in-country IT Support Engineers and Corporate Security Team to ensure that there is seamless collaboration and the most optimal infrastructural security available group wide. Being part of the Information Security team, you will take a share of responsibility within project workgroups, defined by the Group CISO. You will be leading a team of 3 engineers who are based across Europe but this is a very hands-on security role. The security team is 28 strong globally.

This role will encompass you looking after the three core areas of security management:

• Compliance - ISO27001 / SOX / Cyber Essentials etc.
• Security Operations - i.e. network, infrastructure (Servers, Azure cloud etc)
• Software/Applications Security web/and internal application, SAP etc. Penetration testing etc etc.

The company has around 80 staff based in the UK across two sites, with around 18,000 globally, across 40 sites.

Here are some highlights of what our client is using/doing:

• SIEM tool used - Azure Sentinel
• HUGE environment - 760 million+ security events occur in the business each month i.e. log-ins i.e. why login in at midnight and in different countries etc.
• They share their analytics to competitors and like minded org
• Our client integrates with threat intelligence platforms (TIPs)
• Penetration testing. Tools used include: Qualys, Nessus, Darktrace, Pentura, Bloodhound
• Microsoft tools - CA risk management
• Panorama - Palo Alto Cloud firewalls
• Current network estate is physical - Azure migrations will move in Azure cloud over next months and year globally

Main responsibilities:

• Supporting the maintenance and development of Group information security (including cyber security), data privacy and business continuity management frameworks
• Working closely with Group IT, and other IT functions, to facilitate and monitor the maintenance of appropriate security, business continuity controls and related capabilities (including testing) across the Group
• Monitoring and reviewing suppliers, designs, assets and services for threats and risk
• Liaising with projects and other change initiatives to ensure that relevant information security technology risks are identified and appropriately managed
• Facilitating and reviewing externally commissioned security testing activities. Working with relevant stakeholders, including Group IT, to ensure that any deficiencies are promptly resolved
• Participating in the Incident Management process, managing incidents relating to information security, data privacy and business continuity
• Assist in designing the global security standards for the all manufacturing facilities, working in close collaboration with the business and IT people in the plants for a realistic structure, that can be implemented by the support engineers
• Assess the cyber resilience capability including detection methods and provide recommendations
• Work in collaboration with the people responsible for cloud controlling, e-mail, SAP and other key business application environments to ensure the security of these environments. Ensure there is a security by design approach for every system and every change
• Help the Country IT Support engineers to support their local security environments. Provide guidance and determine together with the wider IT team the strategy, applicable for all locations
• Maintain and administer detailed asset management for all security related devices
• Keep the documentation up to date and perform handover of day-to-day tasks to the operations team, based upon their availability
• Drive change through the organization by create an open and honest communication platform, respect all ICT procedures, embrace and uphold digital safety and provide feedback when needed
• Track the latest IT and Information Security innovations and keeping abreast of the latest cyber security practices and technologies

Job requirements, complexity, and challenges:

• Min. 7 years' experience within a similar, focused security function, or provable expertise
• Min. 3 years within an international company, preferably stock market based
• Experience in building and maintaining security systems
• ITIL Foundation
• Good understanding of the latest security principles, techniques and protocols
• Language knowledge: English is a must have, Dutch, German and/or French is a plus

Benefits:

• 12% Bonus
• Flexi time working scheme
• 30-5 - 40-hour week but can flex these
• 23 days holiday, rising by 2 after 2 years
• Private health and life insurance after six months
• Medical cashback scheme after 6 months for opticians & dental

Security Lead (Global) | Software, Infrastructure & Compliance | Remote