The main purpose of this role is to support the ISMS Manager and Director of Technical Operations in achieving the highest standards of information security, ensuring compliance with ISO 27001 and CAS(T). The post holder will lead the technical implementation of INOC’s commitment to preserving the confidentiality, integrity and availability of all physical and electronic information assets, both internal and those entrusted to us by customers.
In particular, the post holder will need to (a) ensure that INOC complies with relevant legislation, regulations, codes of practice or technical guidance in all matters relating to security, (b) provide specialist advice on matters relating to security management, and (c) provide specialist training to all levels of staff within the organization on all matters relating to security.
The post holder will need to be aware of the bigger picture, both within the Company and among our Clients. In particular, the post holder will need to understand the importance of Data Security management, including external drivers and standards such as ISO 27001 and CAS(T). The post holder will be responsible for keeping the Company informed on these issues and advising it of the best approach and opportunities.
Security Engineer reporting to the Director of Technical Operations
The Security Engineer’s key responsibilities include:
- Implementation of ISO 27001 and CAS(T) compliant policies, controls and processes
- Continued evolution of INOC’s security policies, controls and processes
- Network and server administration support
- Conduct and facilitate data vulnerability assessment/monitoring and penetration testing
- Planning and conduct of internal audits for ISO 27001 compliance verification under the direction of the ISMS Manager
- Support to departments and projects for implementation of management system information security
- Conduct security awareness training
- Monitor and remediate applicable special interest findings
- Assist ISMS Manager with the ISO Documentation Library policies and standards
- Diligence in documenting security incidents and administrative tickets
- Responsible for INOC’s information security by preserving the Confidentiality, Integrity, and Availability (CIA) of INOC’s client and INOC’s internal information assets in accordance with INOC’s Information Security Management System.
- Bachelor’s or Associate’s degree in Networking, Computer Science, Computer Engineering, related field or equivalent experience.
- A minimum of 5 years of experience in a related position.
- An in-depth understanding of information security, security policies, account policies and standards for logical and physical implementations.
- A basic knowledge of Regulatory Compliance as it affects INOC and our Customers.
- A good understanding of the information security control measures as defined in ISO 27001 and CAS(T).
- A working knowledge of risk assessment as it is applied to information security.
- The ability to perform, manage and/or participate in audits.
- A sound understanding of security architecture, firewall policy and configuration.
- Prior experience in Network and Server Administration Support
- Obtain pertinent certifications
- Self-starter with good work ethic; commitment to deadlines
- Eye for detail and accuracy is very important
- Team player who works well with others
- Excellent communication & documentation skills
- Professional appearance and attitude, positive, friendly personality
- Independent problem-solving skills