EXPERIENCE
Essential skills and experience
- Experience and strong understanding and appreciation of a digital services design and development cycle
- Expert knowledge of cyber security and cyber security technologies and experience of the Cyber Essentials Plus standards in digital service design and delivery
- Proven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectives
- Establishing the requirements for ongoing service monitoring of threats and vulnerabilities
- Excellent communication and engagement skills working at all levels from senior stakeholders to technical teams
- Strong team player
- Able to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service delivery
- Excellent problems solving and analytical skills and able to collect information, analyse, report and advise on evidence-based changes
- Strong risk management approach to delivery and able to apply risk methodologies within an agile development environment
Nice-to-have skills and experience
- Experience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security tools
- Experience of the Umbraco web platform
- Experience of Microsoft Dynamics
- Understanding of Enterprise Architecture implications of information security controls
- Experience of the preparation of security focussed procurement requests for goods and services
- Experience of incident management processes
- Knowledge of Digital First Service Assessment standards
- Sound understanding of SE’s business objectives, processes and structure etc
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
- Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials