Information Security Analyst

Who are we?

We hire those that seek to innovate across people, process and technology. Join our global workforce, visualise the future and strive for success. Our engineering campus and corporate offices in the UK and US are optimal environments for ideas and innovation to flourish.

ALL.SPACE, formerly Isotropic Systems, has developed the 5th generation smart terminal, capable of linking with all satellites, all networks, in all orbits, all at once. Our ground-breaking software-defined service enablement platform integrates intelligent routing, edge computing and on-demand services to deliver unprecedented network resilience and application performance. Whether you're on land, sea or air, we ensure that you stay connected.

Visit www.all.space to learn more.

Requirements

The Information Security Engineer is responsible for defining, leading, and managing Information Security management, governance, risk and compliance, and audit and assurance for the organisation. Working closely with the IT Director and the business, the role will help develop an Information Security Strategy and Roadmap to protect the organisation from the increasing threat landscape. Part of the role includes working with the IT Team to implement tools, processes, procedures and reporting systems that help control and mitigate against critical vulnerabilities.

Role and Responsibilities

• Developing a clear strategy and roadmap for Information Security Management, together with an associated budget for implementation and annual development
• Assessing current technologies, both on-premise and cloud, for potential vulnerabilities, weaknesses and for possible upgrades and/or improvements
• Serving as a focal point of contact for the information security team within the organisation
• Identifying and implementing tools to help the organisation defend against security threats and vulnerabilities
• Leading and managing the organisations security certifications, including ISO:27001, Cyber Essentials/Cyber Essentials Plus and NIST
• Developing and improving security policies, procedures, and reporting systems
• Assisting the IT Team with the monitoring of security events, their triage and remediation
• Overseeing information security audits carried out by third parties
• Providing information security awareness training to business colleagues
• Managing security team members and all other information security personnel as the company grows
• Developing and managing the organization's Risk Management System and escalating risks that are out of appetite
• Ensuring appropriate governance is in place to assure the Information Security Management System and Security Operations are adequately controlled and mitigated
• Developing and improving physical security, disaster recovery and data recovery systems
• Using the organisations Vulnerability Management System to identify threats and vulnerabilities and for installing critical security patches

Qualifications and Education Requirements

Degree in Information Security or related subject and/or a minimum 5 years’ experience of working in a similar IT Security role

Preferred Skills

• Experience of leading ISO27001 certification and external audits in a complex operating environment
• Understanding of the NIST Framework and / or NIST assessments would be an advantage
• Knowledge and understanding of computer networks, operating systems (Windows, MacOS and Linus), Azure and O365 would be an advantage
• Remaining up to date with the latest security trends

Additional Notes

• The role is based at Thames Valley Business Park in Reading
• Preference will be given to candidates who have worked in IT Security in an Engineering environment
• The responsibilities form the basis of the role and may be amended over time as the organisation grows
• Some travel between offices may be required from time to time

Benefits

• Generous stock options
• Annual bonus
• 25 days annual leave
• Public holidays
• Travel to work schemes
• Fruit, snacks & drinks
• Discounts platform
• Well-being centre