Experienced, hands on technical SME who has worked in a specialist practice and is able to develop technical security capabilities to improve our ability to monitor and manage security operations, significant security events and incidents.
Is able to translate security architectures, policies and standards into compliant IT solutions using industry accepted engineering and design methods.
Monitors and surveys Diageo’s IT environment using technical analysis of logs to identify weaknesses and gaps in technical security controls. Lead the response to any significant security breach or incident within the Diageo operating environment. Initially the role will focus on the incident and log analysis aspect of the role and it is anticipated that this will consume upwards of 60% of the successful candidate’s time. Over time as this becomes more steady state this will drop to 20-30% of their time.
Drive and support the Diageo technical environment in complying with key Information Management and Security policies, codes, processes and requirements both by engaging with internal teams and technology partners. Ensure that the technical environment is capable of delivering appropriate technical security requirements.
Translate the strategic direction and enterprise security architecture into standards compliant IT solutions. Information risks are managed and mitigated using a variety of controls types that involve people, process and technology. Identify potential new sources of risk for escalation to the global information security team. The role of the engineer is to ensure that the correct security design topology, security specification, engineering and deployment occurs for all IT solutions. Ensure the environment supports the proper investigation of security incidents and that when incidents occur they are adequately investigated concluding in specific recommendations and identification of relevant factors indicating possible changes to the Diageo risk landscape.
Top 3-5 accountabilities
Takes the strategic direction and requirements from IM&S and compiles 3 year technical roadmaps to deliver the security vision and goals.
Validates the feasibility of the roadmaps and detailed designs and produces the necessary business cases for justifying project spend.
Ensure IT solutions are secure/compliant through the creation of technical security standards, covering infrastructure, systems, and solution and implementation of risk mitigations.
Qualifications and experience required
CISSP qualification, MInstISP, GCIH, CISM or information security relevant degree.
Min 5 years experience in: Experienced technical IT solutioner with specialist experience of Information Management and Security.
Min 5 years experience in: Experienced technical IT solutioner with specialist experience of Information Management and Security.
Experience in optimizing security solutions such as Arcsight SIEM, IPS and proxies.
Building a consolidated view of technical roadmaps to deliver secure IT solution and to ensure IT assets and solution are have sufficient security controls embedded.
Production of detailed design specification for Information Security requirements.
Experience of building effective relationships and influencing senior stakeholders.
Ability to understand and articulate the implications of technical security risk from a business perspective.
Diverse experience of operating systems from a security perspective
Detailed technical understanding of the anatomy of security attack vectors and exploitation techniques, including currency with emerging attack techniques.
Director of Technical Security Services
Director of Technical Security Services
Reviewed by Unknown
on
12:20:00 AM
Rating:
No comments: