London, Farringdon 19th November
REPORTING TO: HEAD OF INFORMATION SECURITY
Reed & Mackay leads the global travel and event management arena with extraordinary service and proprietary, client-led technology. Ranked first in the Sunday Times International Fast Track 2020, we are a business that is always looking forwards, while ensuring that we’re everything that our clients need today. In May 2021, we became part of the TripActions Group, and together we are setting the agenda for the future of business travel.
PURPOSE OF THE ROLE:
Due to the continuing growth of our business internationally and the importance we and our
clients place on information security, a position has become available for a highly competent
individual to join the Information Security Team.
This is a full-time, hands on technical position for an experienced Enterprise Security Engineer to
join the Information Security Team and offer broad expertise in designing and maintaining a best-in-class security stack. The engineer will work very closely with both the Reed & Mackay and
TripActions Security Teams, IT and other technical and non-technical teams throughout the
company. They will implement and improve security related workflows, solutions, and will be a key contributor to the overall security posture of the company.
WHAT YOU’LL DO:
In line with the company’s ISO27001, Cyber Essentials, SOC2 and PCI DSS compliance:
- Diary management
- Setup, deploy, and maintain various Enterprise focused security technologies
- Work cross functionally with multiple teams and service owners to drive program goals to completion within designated SLAs
- Information security incident and problem management
- Provide recommendations and assist in the remediation vulnerabilities and hardening of various systems
- Identify and advise on security risks and associated remediation activities
- Document processes and procedures to ensure compliance and quality of the Information
- Security Management System and Enterprise Security Program standard operating procedures
- Contribute to security audits and carry out tasks in support of our ISO certified management systems (ISO 27001, 22301, 9001 and 14001) and other security certifications and standards (SOC2, PCI-DSS, NIST and Cyber Essentials).
- Advise on the security aspects of IT Projects and Changes including risks and best practices
- Develop and foster empathy for employees, customers, and stakeholders, and balance security with business requirements
- Contribute to the Information Security Strategy and Information Security Programme to maintain and improve the security maturity and posture of the business
- Perform other related duties as required or assigned
This role has no supervisory responsibilities. However, as a senior contributor, you will be expected to train, mentor, document and share knowledge with fellow teammates.
WHAT WE’RE LOOKING FOR:
- 6+ years of relevant experience
- Experience with Enterprise Security and IT technologies and systems such as EDR, firewall, DLP,SIEM, IDS/IPS, VPN, SAML, TCP/IP, malware analysis & IAM
- Strong familiarity with server and endpoint operating systems, SaaS application technologies, cloud provider ecosystems, and traditional networked environments
- Email Security concepts incl. DMARC, DKIM, SPF, encryption and header analysis
- Cloud Security concepts specifically in MS Azure IaaS and PaaS
- Network Security concepts covering SD-WAN, VLANs, firewalls, switches, 802.1x and Wi-Fi
- Knowledge of system hardening and security architecture best practices
- Experience with common scripting languages such as BASH, python, or PowerShell
- Ability to function effectively and professionally in a fast-paced environment
- Very strong detail orientation and ability to maintain focus
- Excellent organizational and time management skills; Prioritization and deadlines
- Ability to multitask and manage multiple projects/priorities daily
- Work proactively and independently and communicate effectively with others.
- Knowledge of data protection best practices incl. privacy by design and GDPR compliance is desirable
- Ability to make effective use of resources available to complete tasks to agreed deadlines
- Hold recognised information security certifications such as CISSP, CCSP, SSCP, CEH, CCP or equivalent academic or professional security qualifications
If you believe this role is for you, please send your CV to Recruitment@reedmackay.com