Job Title: ICT Security Engineer
We are seeking experienced ICT Security Engineers to join our team at ClearCompany. As a key member of our diverse and fast-paced team, you will provide operational and system security management and administrative services for complex security issues.
About the Role:
As an ICT Security Engineer, you will work closely with business stakeholders, project managers, systems architects, and other groups to define and support solution delivery. Your primary responsibilities will include:
* Providing operational and system security management and administrative services for complex security issues.
* Conducting capability and concept development in the context of technical security.
* Undertaking security design and implementation activities.
* Delivering verification and validation activities, including conducting security certification/accreditation and support activities.
* Developing a schedule of work and reporting on progress.
Requirements:
* Bachelor's degree in Information Technology or related field.
* At least 5 years' experience as a security engineer or similar role.
* Experience in identifying and/or applying security controls.
* Experience with security controls in cloud computing systems.
Desirable Skills:
* Experience with using and administering ICT security applications such as SIEM (e.g. Arcsight, Splunk), vulnerability management tools, or endpoint protection tools.
Critical Skills:
1. SCAD 5 - Security operations: Level 5 (SFIA) Monitors the application and compliance of security operations procedures. Reviews actual or potential security breaches and vulnerabilities and ensures that they are promptly and thoroughly investigated. Recommends actions and appropriate control improvements. Ensures that security records are accurate and complete and that requests for support are dealt with according to agreed procedures. Contributes to the creation and maintenance of policy, standards, procedures, and documentation for security.
2. SCTY 5 - Information security: Level 5 (SFIA) Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Contributes to the development of information security policy, standards, and guidelines. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis, and accreditation on complex information systems. Investigates major breaches of security and recommends appropriate control improvements. Develops new architectures that mitigate the risks posed by new technologies and business practices.
3. INAS 5 - Information assurance: Level 5 (SFIA) Interprets information assurance and security policies and applies these to manage risks. Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards, and guidelines. Plans, organises and conducts information assurance and accreditation of complex domains areas, cross-functional areas, and across the supply chain. Contributes to the development of policies, standards, and guidelines.
Attributes:
* Strong written and verbal communication skills;
* Desire to be accountable for their actions;
* Strong stakeholder management skills;
* Demonstrate leadership behaviours;
* Willing to challenge the traditional ways of doing business;
* Thrive in dynamic environments and comfortable with ambiguity;
* Outcome-focused mindset;
* Adaptability, resilience, flexibility, and teamwork, including regionally dispersed teams, if applicable.