Information Security Officer

Role Description

Key Responsibilities

  • Provide Security best practice within a fast-paced agile development team
  • Liaise with Security Change area regarding technical solution reviews and pen tests
  • Work with Technical Security Operations team on identifying and resolving vulnerabilities
  • Maintenance and management of the GWS Information Security Policy, based on international standards and Group guidance
  • Perform vulnerability scanning during project delivery
  • Work with team to integrate Security testing into the DevOps process
  • Mentor members of the team to spread the knowledge of Security best practice
  • Management of Team Information Security Forum, featuring regular interaction with senior management, Group Information Security, Internal Audit and Risk

Key Experience

  • Security certification; CCSP, CISSP
  • Awareness of OWASP
  • Demonstrable interest in the area of Security (e.g. personal projects, white hat hacking, blogs)
  • Pragmatic view of Security, with an ability to prioritise and to take responsibility for one’s own workload, in a fast-paced environment
  • Experience in Risk & Compliance
  • Deep technical understanding of web technologies
  • Vulnerability analysis
  • UAM best practice and administration
  • Soft skills: the ability to build relationships within the team and with other areas, and influencing skills to ensure adoption of best practices

Desirable Experience

  • Cloud experience
  • Awareness of Cybercrime
  • Previous hands-on technical experience e.g. in development or systems administration
Back to Top