Closing Date
2024-11-03
Job Title: Information Security – Threat & Vulnerability Specialist
Location: Durrington (Worthing) Hybrid
Contract Type: Permanent
Hours: 37/ week
Salary: Up to £75,000 DOE
There has never been a better time to join our organisation as we build towards a greener future, tackling climate change, minimising our environmental impact, and reducing our carbon footprint!
This is an exciting opportunity to work in a varied role with an ever-changing landscape, where you will be challenged and given the opportunity to learn and thrive.
**You must be eligible to work and reside in the UK to apply, we are unable to offer sponsorship at this time. You must be eligible to undertake SC clearance for this role.**
Job Overview
This role will be working closely with our CISO in our Durrington offices, on a hybrid basis (flexibility to be on site as required is essential), you will be working both reactively and proactively while Southern Water goes through a huge Digital Transformation, where we are introducing new technology often.
You will be working with cutting edge practices, and some of the best tools on the market with full support from the top down.
On a day-to-day basis, you will be:
1. Scoping and organising Pen Tests
2. Managing scheduled and Ad Hoc scanning and other testing
3. Converting findings into actions and tracking resolutions
4. Using comprehensive Threat Intelligence feeds to map environments and take necessary actions
5. Threat hunting
6. Document and update, as appropriate information security policies, standards and processes: ensuring they stay up to date
7. Supporting response to incidents
8. Supporting the ongoing refinement of CMDB in IT and OT environments for mapping of Threat Intelligence
9. Working closely with physical and personnel security, particularly in connection with CNI
10. Responding to regulator queries
11. Liaising with NCSC and other bodies
12. Shaping and refining the Threat and Vulnerability Management approach and strategy
13. Working with the project community to educate and plan testing, scanning and other considerations
14. Advising and supporting executive leadership and other colleagues
About You
The most important thing is the right attitude; we want someone who can work flexibly, and be open to learn and grow with this role.
We are not looking for any specific qualifications for this position, however if you have got proven history of learning and growing; investing in yourself, that’s going to give you a strong advantage.
You will have experience in:
15. Threat and vulnerability management in a complex organisation
16. Monitoring threat levels and assessing potential impact
17. Reviewing threat reports and making decisions on the best course of action; following through the issue through to resolution
18. Prioritising threats and taking action accordingly
You will also have:
19. Expertise in industry standard scanning tools and Threat Intelligence feeds
20. Knowledge of ISO27001/ISO27002
21. Excellent documentation and reporting skills
22. Attention to detail
23. Ability to work effectively within a team
24. Good communication skills
25. Ability to manage situations of complexity with positive outcomes
26. Ability to clearly communicate actionable insights and complex findings
27. Positive problem-solving ‘can-do’ attitude
28. Innovative ways of working
29. Ability to translate technically complex findings into layman’s terms
30. An understanding of the differences between Corporate and ICS/OT environments
Preferable:
31. Familiarity with NIS Regulations
32. Familiarity with common ICS components
33. Experience of Critical National Infrastructure
Package
This role will be full time Monday to Friday with a hybrid approach to working between our Durrington (Worthing) office and home.
We are offering a salary of up to £75,000 per annum depending on skills and experience as well as other benefits including:
• Generous pension up to 11% company contribution
• 25 days annual leave
• Life assurance equal to 4x salary
• Salary sacrifice electric car scheme (after 6 months service)
• Health Cash Plan
• Full funded eye tests
• Two paid volunteering days a year
• Occupational health service
• Discounts with over 800 popular retailers
• Digital GP service
• Study support may be available for job-related qualifications
• Competitive maternity leave and flexible return to work options
• Cycle to work scheme
Join our InfoSec team and see how far your career could progress with a company committed to career progression, training and development opportunities, our customers and the environment.
Does this opportunity excite you but you’re not 100% sure if you meet all the requirements for the role? Or are you concerned that ‘normal’ office hours aren’t possible given your personal circumstances? Whilst we can’t accommodate every flexible working request, we’ll try to find a practical solution. So why not engage with us and find out more about this role?
If this role isn’t quite what you’re looking for but are keen to be contacted about opportunities at Southern Water, you can register your details here: Introduce Yourself (myworkdaysite.com)
Our customers are at the heart of everything we do, because delivering water for life is our core purpose. To achieve this, we need 24/7 support in place to resolve incidents quickly and efficiently. All our employees understand the importance of out-of-hours incident support – because when problems appear, fixing them is our top priority. That’s why our people join together and support when and however needed to make sure our customers get the service they deserve. Joining the Southern Water family means you’ll become part of our incident support team. During your interview, your manager will speak to you about any incident support rotas that apply to your position.
Privacy Statement:
Please note: If you are an existing Southern Water employee, you will need to confirm within your application that your Manager is aware of your application.
All applicants must be eligible to live and work in the UK. You will need to provide evidence of eligibility (e.g. a passport or long birth certificate and proof of NI) and current proof of address (dated within the last 3 months), will be required as part of the recruitment process. If you do not meet these criteria, your application will not be considered.
#LI-AW1
#LI-Hybrid