applicants
Information Security Engineer
at Ceres Power Limited Other in Other (Published at 10-10-2024)
Who we are:
Ceres is leading the way in clean energy innovation, pioneering advancements in electrolysis for green hydrogen production and fuel cells for future power solutions. With our dynamic licensing model, we've built powerful partnerships with major multinational companies like Bosch, Doosan, Shell, and Weichai and our solid oxide platform is transforming energy systems, delivering high-efficiency green hydrogen to decarbonise some of the most emissions-heavy industries including steelmaking, and future fuels.
At Ceres, we foster a workplace driven by passion and purpose. We support our team to think ambitiously, collaborate creatively and confront complex challenges directly. Innovation is at the core of who we are, and we strive to push the boundaries of whats possible with technology.
Purpose of the role
The role will work closely with technical teams and carry out hands on technical work as well as completing policy reviews and documentation. Supporting the business with audit work and closing out the technical findings of these audits. Working with 3rd party suppliers to maintain and secure our business data, including our external SOC. (security operation centre)
Key Accountabilities:
- Documentation of security policy.
- Implement technical changes within these policies, working with IS Operations team to comply with technical standards.
- Organisation of information security.
- Information security coordination.
- Allocation of information security responsibilities.
- Authorisation process for information processing facilities.
- Ownership of technical security systems including BYOD, MDM, Office 365, EMS and Intune.
- Carrying out security reviews including PEN tests, Vulnerability scans.
- Ownership of outsource SOC (Security Operation Centre), with responsibility for resolution of issue.
- Management of information security incidents and improvements.
- Reporting information security events and weaknesses.
- Security Alerting, ownership of alerts and resolution.
- Ownership and completion of Audits with internal cyber security and financial audits, along with updating plans.
- Security awareness training and setting up of training campaigns.
- Define, and execute, assessments on new third parties as they are contracted to engage with Ceres. This activity should be concentrated on high risk, key engagements.
Knowledge and skills required for the role:
- Knowledge of information security best practices, certification processes like ISO 27001a and cyber essentials
- Technical knowledge of Cloud services like Office 365, Azure, AWS
- Implementation of security tools like MDM, EMS, Intune, Airwatch
- Knowledge of Cloud security best practices
- Worked with or managed a SOC
- Detailed knowledge of audit processes and procedures
- Hands on experience in a 3rd line operational role
- Understanding of security testing procedures like PEN testing, Vulnerability Scanning
- Knowledge of networking and security best practices
- Works closely within functional and project teams
- Strong written and communication skills
- Capable of working independently as well as collaboratively with a team
- Solves complex problems, taking a new perspective on existing solutions
- Can work well within a project type approach
- Strong stakeholder management skills