Information Security Engineer Buckinghamshire – 1 day a week in the office Up to £70,000 plus a discretionary bonus of up to 15% 6% pension, Life Assurance, Private Medical Health care (family included), Dental Insurance, Healthcare cashplan, Salary sacrifice car scheme, Eye car vouchers, 27 days holiday plus bank holidays, Enhanced maternity, paternity and adoption leave and more. After a transformative 3-year change initiative, they have outlined a strategic 5-year plan to broaden their impact and enhance our operational efficiency. They are now seeking an Information Security Engineer to continue to develop, optimise, and maintain their security controls to protect the organisation's assets and data. About the role: As the Information Security Engineer, you will be responsible for enhancing and maintaining security controls. This role involves working closely with technology teams to ensure robust security architecture, providing expert advice on security requirements, and managing all technical change activities related to security. You will also identify and address security design gaps and recommend enhancements to existing and proposed architectures. What you will be doing: Security Control Development: -Develop and optimise security controls in collaboration with relevant technology teams. -Ensure adherence to architectural principles during design to minimise risk. -Drive adoption of security policies, standards, and guidelines across the organisation. Consultancy and Expert Advice: -Provide authoritative advice on security controls and requirements in collaboration with legal, technical support, and other functional experts. -Maintain recognised expert-level knowledge in one or more security specialisms. -Promote and support the development and sharing of specialist knowledge within the organisation. Research and Analysis: -Conduct research to evaluate, develop, and implement security practices and standards. -Track and understand emerging security technologies and practices. -Assess impacts, threats, and control opportunities, and create reports and technology roadmaps. -Share knowledge and insights with relevant stakeholders. Security Administration: -Monitor and ensure compliance with security administration procedures. -Review information systems for potential security breaches and collaborate with SecOps for investigations and control changes. -Contribute to the creation and maintenance of security policies, standards, procedures, and documentation. -Support the maintenance of the companies NIST capability maturity. What we are looking for: -Experience as a Security Engineer or in a similar role with a strong background in IT Security/IT Operations. -Demonstrable expertise in security controls and architecture. -Proficiency in security frameworks such as ISO, NIST, and OWASP. -Knowledge of Cloud infrastructure (e.g., Azure). -Experience with security technologies (e.g., SIEM, EDR, IPS, web and email gateways). -Qualifications (desirable): CISSP or similar certification, TOGAF or similar architectural framework certification, Vendor technology training/certifications (e.g., SIEM, EDR, IPS), Experience in security delivery roles. To apply: Apply using the link or share your CV to Weronika.majchrzakidentifiglobal.com