i-confidential offers a range of information security consulting services. We provide cost effective services to help our clients to clearly understand their information risks and develop their information and cyber security strategies. We deliver practical, understandable solutions to protect information. Our client base is expanding, and our clients are asking for an increasingly diverse range of services.
We are looking for a VM Security Engineer that will be responsible for Leading the Engineering expansion and build of compliance and vulnerability management across the enterprise.
Please note this role falls inside IR35.
Summary of Requirements
- Act as SME for IT security and risk matters and provide security advice and guidance.
- Build and maintain inventive security controls in line with assigned project requirements.
- Support the development of policy, standards and architecture in relation to IT risks and security.
- Ensure applicable security policies and standards are being applied.
- Help develop appropriate security awareness and knowledge within Enterprise Security.
- Best practice for security configuration and enterprise-wide security policies, standards and architectures.
- Security industry trends, technologies and vendors.
- Identify potential areas of risk and options for risk removal, reduction or mitigation.
- Consult and inform in the development of Security Configuration policies.
- Undertake security assessments for assigned projects and provide security consultancy more generally.
- Work closely with domain experts to ensure discussions with business units around new security standard adoption consider both business and security requirements.
Skills and experience required.
- Direct operational experience of facilitating integration of systems with Tenable vulnerability management system, particularly in the area of local device audits.
- Direct operational experience of vulnerability and build compliance reporting templates using Tenable SC and/or PowerBI.
- Direct operational experience of working with and rolling out adherence to CIS/STIG industry best practice advice on security configurations
- Knowledge of IT security principles and controls (ISF/NIST/ISO27002/COBIT)
- Hypervisor/Virtualisation (Vmware, Citrix, etc. )