Job Description

Lead Security Engineer

IASME is a cyber security certification company based in the beautiful Malvern Hills, with offices in Belfast and Dalgety Bay, near Edinburgh. We work with over 900 cyber security experts to help organisations improve and show their cyber security. We also certify connected devices and ships of all sizes around the world. Through the Civil Aviation Authority's ASSURE scheme, we help the aviation industry manage their cyber security risks.

At IASME, we pride ourselves on being a welcoming and inclusive workplace. We value the unique skills and experiences that people of all ages and backgrounds bring to our team. We also support parents returning to work after taking time off to raise children.

This role offers a mix of working from home and in the office. You will need to come to our Malvern office at least one day a week.

A BPSS (Baseline Personnel Security Standard) check will be required for this role.

As a Cybersecurity Specialist, you'll lead the charge in developing and implementing advanced security tools, conducting in-depth security reviews, and advising on secure software development practices. You'll also play a critical role in incident response, security training, and maintaining key certifications like Cyber Essentials and Cyber Essentials Plus.

Key Responsibilities

Lead the development and implementation of advanced security tools and solutions to automate repetitive tasks.

Conduct in-depth security reviews of third parties and their applications.

Advise the development team with Software Security Code of Practice principles for complex projects, performing security audits throughout the software development lifecycle.

Act as a point of escalation for security alerts, ensuring timely investigation, resolution, or onward escalation as needed.

Provide guidance to colleagues on regular security auditing, log monitoring, and vulnerability assessment practices, ensuring findings are documented and addressed.

Contribute to the preparation and maintenance of security certifications, including Cyber Essentials and Cyber Essentials Plus.

Assist in the development and delivery of internal security training programs to promote awareness and adherence to security policies.

Serve as a key member of the Cyber Incident Response Team, supporting the Incident Manager during security incidents.

Assist in the development and maintenance of documentation to ensure consistent and effective operations.

Stay informed about emerging cyber threats, vulnerabilities, and attack methods, and proactively recommend strategies to address them.

Other duties as may from time to time be required by the company.

Competencies Required

Strong technical expertise in cybersecurity principles, techniques, and protocols.

Hands-on experience with Microsoft 365 Security, SIEM platforms, and other security tools.

Familiarity with SOC (Security Operations Centre) operations, including log monitoring and incident response.

Knowledge of network and web-related technologies, as well as common attack methods and mitigation strategies.

Excellent problem-solving and analytical skills, with a strong attention to detail.

Ability to troubleshoot complex issues and work independently under minimal supervision.

Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.

A proactive approach to identifying and addressing security risks.

Competencies Desired

Knowledge of artificial intelligence (AI) and its implications for cybersecurity.

Experience with code review and secure coding practices.

Understanding of Cyber Essentials, Cyber Essentials Plus, and other security certifications.

Familiarity with industry frameworks and standards such as ISO 27001, NIST, or CIS Controls.

Knowledge of DevSecOps principles and practices.

Qualifications

Holds foundational cyber security qualifications such as CompTIA Security Plus, or similar.

Experience in cyber security field, or in general computing

Job Types: Full-time, Permanent

Pay: 35,000.00-40,000.00 per year

Work Location: Hybrid remote in Malvern WR13 6PL