Description Salary: Base salary: £32,050pa to c.£37,700pa depending on skills and experience. In addition, we offer flexible benefits fund of 15% which is paid on top base salary and is fully pensionable, as well as a range of competitive benefits - check them out in the Benefits section on our website. HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential. In practice, this means we are positive and inclusive about making adjustments, providing flexible working, encouraging our staff networks to flourish and providing personal and professional development opportunities. As a IT Security Officer at HS2 you will implement, and maintain robust security controls to mature / improve our security capabilities within the IT Security, Compliance, and Identity function. This role ensures the protection of our assets, systems, and data from internal and external threats, whilst driving continuous improvement in security controls About the role: Support in the management of the Security Operations, establishing and delivering methods and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management. Maintain operational security processes and ensure that all requests for support are dealt with, investigating security breaches where necessary. Support monitoring on external security environment, gathering information on emerging threats to HS2 and presenting them to leaders where required. Plan vulnerability assessment and penetration testing activities within HS2 IT, providing support where necessary in the review of vulnerability assessment tools and techniques. Contribute to risk management initiatives by providing identifying risks, supporting on risk mitigations, and ensuring compliance with security policies and standards. Manage improvement activity within the external Security Operations Centre, and support on SIEM improvement & maintenance activity. Support the design, delivery, maintenance, and continuous improvement of HS2 IT Security Ops capabilities in line with business needs. Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. Develop and maintain security incident playbooks and guidance. Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. About You: Skills: Security Operations. Providing expert guidance on live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. Threat Intelligence. Provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Identifying and classifying security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management. Ability to identify IT security risks and the delivery of audit remediation activities: Knowledge: Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile Knowledge of day-to-day activities and best practice within a SOC Knowledge of technical security such as firewalls, network security groups, and access controls Types of Experience Experience enhancing security processes, and evolving capabilities via continual service improvement Experience of working on live cyber incidents and the remediation actions Experience of partnering with supplier teams for managed services delivery of improvements Experience across the full IT security spectrum (software, servers, infrastructure, and networks) The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity and Respect It is expected that you will actively promote and embed Equality, Diversity and Inclusion (EDI) in all your work and support and comply with all organisational initiatives, policies and procedures on EDI. As HS2 Ltd do not hold a sponsorship license from the Home Office, we are not able to provide sponsorship to any applicant. Applicants must already have the Right to Work in the UK at the time of application and our process involves a Right to Work validation prior to the interview stage. Note, there are certain types of time-bound visas that we cannot accept. Any offers made to applicants will be subject to satisfactory completion of pre-employment checks which include Nationality & Immigration Status, employment references, DBS, Financial and Education checks. We ask for a variety of detail in your online application, however we perform the first assessment of suitability for a role based solely on the information in your CV. In a further development of our efforts to create a more diverse workforce, your CV will be anonymised and personal information will be removed during the first stage of the application review. This removes bias from the process and makes it even more important that you attach an updated word version of your CV for each new application ensuring you include evidence directly related to the criteria in the job advert. Watch this video on how we remove bias in the recruitment process: Removing bias in the recruitment process - YouTube Any applications received after the closing date will not be considered.