We are looking for enthusiastic and talented individuals who thrive on challenge and change, and who want to make a difference through the delivery of results.
About the role:
The Senior Information Security Engineer will report to the Information Security Associate Director. He/she will be responsible for performing functions required to support day-to-day information security operations and engineering, supporting and maintain information security infrastructure, assessing and implementing new security solutions, and coordinating investigation and report of security incidents globally. The individual must be a technical security expert and have responsibility for ensuring that work is completed to the highest possible standard and fully in line with all corporate policies. This individual will work together and provide guidance to other members of the security team.
Responsibilities:
Ensure that projects and new technology implementations are completed and maintained in-line with agreed security standards and requirements, delivering exceptional performance, service delivery and continuity to the organization.
Conduct research on security capabilities/products and related systems to justify recommendations to Technical Design Authority (TDA).
Support the design and deploy new security capabilities and enhancements to existing IT infrastructure and associated systems.
Be the owner and SME of selected security tools used by GW.
Gauge the effectiveness and efficiency of existing security systems; recommend and implement technical plan for improvement, or further leveraging these systems.
Perform technical security audits in line with company policies and standards.
Create and maintain documentation as it relates to security configuration, mapping, processes, and service records.
Provide guidance to and partner with other engineers within the infrastructure team.
Executes additional tasks in order to meet departmental project-related or developmental/change objectives.
Carries out their work in a way that will not adversely affect their own, or others, health, safety and security or the environment and reports any shortcomings in GW arrangements.
Required Experience:
Excellent technical knowledge in security solution design (e.g. low-level design), security engineering (e.g. implementation plan, SOP, WIs) and technical planning
Strong knowledge in technical migration planning of As-Is architecture to Target architecture in a phased manner with close collaborations with network, security and system engineers.
Strong knowledge in security artefacts, technical standards and re-usable design patterns
In depth understanding of security principles and practices such as Defence in Depth, Least Privilege, Must to Know, Zero Trust, etc.
In depth understanding of security technologies e.g. next gen antivirus, vulnerability scanning, Logging and Monitoring, IDS/IPS, IPSec VPNs, load balancer, web application firewall, DoS/DDoS, Network Access Control (NAC), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), etc and their relevant tools. Knowledge of standard reference architecture is must.
Strong and proven technical background in high performance, reliable and secure cybersecurity architecture and security operations; and working on solutions to address complex problems.
Strong communicator; able to engage with technical and non-technical personnel effectively. Keeping all parties up to date proactively.
Strong experience in fine tuning security tools, such as antivirus, vulnerability scanning, web proxy, CASB, Single Sign-on(SAML),Identity and Access Management
Strong understanding of the basics of network security
Proven experience in delivering security technologies and tools incl. documentation (e.g. low-level design, technical standards, implementation plan, SOP, WI etc.) in close co-ordination with project managers, architects and network/system engineers.
Preferred Experience:
Security engineering and project delivery experience in pharmaceutical manufacturing process control system, SCADA and/or industrial control systems
Regulated industry experience with life sciences / pharmaceutical industry preferred.
Experience of Azure/O365 networking (VNETs, Express Route, VPN Gateway, Traffic Manager, NSGs), and its integration with on-premise data centre networks and public cloud services would be beneficial.
Conceptual and prior working in end user computing services e.g. Citrix, VDIs, mobile devices, BYOD, proxy, network access control is beneficial
VMware vSphere experience specifically around security configuration is beneficial
