Key Responsibilities and Duties for a Cyber Security Specialist:
- Interpreting security guidance from external sources such as NCSC and NIST.
- Performing security risk assessments to identify and prioritise Cyber Security and cyber resilience risks and identifying appropriate controls and mitigations to manage those risks.
- Achieving and maintaining security accreditation or security assurance as required, including assessing the impact to security of all proposed changes.
- Scoping and managing testing by external penetration test companies, ensuring remediation
- As a Cyber Security Specialist you should own the roadmap delivery across the company, reporting into the Information Security Director and advising the CIO.
- Play a key role in leading the rollout of the group's cyber and data security governance policies, standards and frameworks.
- Review/create, maintain and publish standardised group security policies, procedures and guidelines.
- Ensure that standardised best practice access control and password management policies are in place and are implemented across the group.
- Be the subject matter expert for Cyber Security tools utilised across the business, including but not limited to threat prevention, vulnerability management, and security information and event management.
- Lead and chair the group's Cyber Security working parties to ensure continual alignment of our Cyber Security roadmap.
- Own vulnerability management, including the implementation and ongoing management of internal and external tools, scanning, reporting and remediation plans.
- Support technology teams in the validation, risk assessment and remediation of identified security vulnerabilities.
- Develop, maintain and execute Information and Cyber Security training and awareness across the group, including regular testing such as phishing, and reporting and communicating this to senior leadership.