Cyber Security Technical Ops Specialist
Location: Dartford
Salary: Competitive base, car / travel allowance + benefits
Job Type: Permanent
Be part of transforming the construction industry, be part of our Cyber Security team.
Do you want to be part of something different? At Laing O'Rourke we have an opportunity for a Cyber Security Technical Specialist to join the team. Are you able to support comprehensive Cyber Security programs whilst optimising the operational performance and reliability of Infrastructure technologies? Then we need your expertise in controls and activities for the effective management of critical cyber security platforms.
Are you skilled with Privilege Access management, Application Control and Data Loss Prevention solutions? Then we need you to help optimise performance and ensure compliance to our cyber security certification requirements.
This position requires a deep understanding of security protocols, risk management, and the ability to proactively identify and mitigate potential threats to the business, whilst delivering cyber security with a service mindset. You will work closely with cross-functional teams from infrastructure and network support analysts across the business units to ensure the integrity and security of our applications and data.
Key accountabilities include:
1. Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques, and managing the trade-offs required to handle different levels of risk across the business.
2. Focused on day-to-day operational tasks and maintenance of core Cyber Security infrastructure service platforms, including but not limited to:
* Manage and administer the Privileged Access Management (PAM) platform, including user access, permissions, audits, and configurations.
* Collaborate with IT and business teams to integrate and expand PAM controls into existing systems and applications.
* Manage and administer the Application Control platform, including policy configuration, rule creation, and software whitelisting/blacklisting to prevent unauthorized software installations and executions.
* Collaborate with IT teams to integrate Application Control mechanisms into existing systems and processes.
* Work with cyber analysts and engineers to maintain and optimize other cyber security platforms and tools to improve performance and user experience, including endpoint detection and response, network intrusion detection, patch management, web filtering, and email security gateways.
* Develop processes and procedures to manage, monitor, and improve the performance, reliability, recovery, capacity, and user experience of cyber security controls.
* Work with IT stakeholders to implement and test cyber security controls to ensure compliance with DR and BCP policies and scenarios.
1. Work with the Cyber and Infrastructure Engineering team to establish SME relationships.
2. Implement security best practices as directed by the Cyber Security Tech Ops Lead, Cyber Security Architect, and Engineering teams.
3. Ensure the quality and response time of support tickets.
4. Document and pass on knowledge and information to relevant Service delivery teams.
5. Research and assess new threats and security alerts, recommend remedial actions, and respond to security incidents (Prepare, Identify, Contain, Remediate, Recover).
6. Collaborate with key suppliers, partners, and vendors to maximize value and security benefits from security services and solutions.
7. Work with Cyber Security leadership to develop plans to enforce security requirements and address risks.
You will need knowledge of Infrastructure and Cyber Security principles, with the ability to create and develop operational processes. Part of the role involves developing and maintaining technical documentation, procedures, guidelines, and training. This requires a service management mindset to support and guide IT teams for best practices. Do you have experience with Security Incident Management tools (SIEM)? Do you demonstrate excellent knowledge of security technologies, enterprise systems, and cloud solutions? Join our Cyber Security team and showcase your knowledge of regulation standards, compliance, and governance.
Essential experience includes:
* Over 5 years of experience in IT, including around 3 years in an operational environment.
* Knowledge of best practices of IT security hardware and software, security suites, identity and access management, and encryption.
* Experience configuring and managing PAM solutions in enterprise environments.
* Familiarity with identity and access management (IAM) principles, including role-based access control (RBAC) and least privilege.
* Strong understanding of Application Control concepts, tools, and technologies (e.g., whitelisting, blacklisting, application allowlisting). Experience in configuring and managing Application Control solutions preferred.
* Understanding of security frameworks such as NIST, CIS Controls, or ISO 27001.
* Formal industry-recognized Cyber Security qualification such as ISC2 CISSP, ISC2 CISM, or Certified Ethical Hacker (CEH) (desired).
* Experience with Security and Network technologies.
About us:
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East, and Australia.
Certainty, reliability, quality - this is what our clients want. And at Laing O'Rourke, we have more than 150 years of experience delivering it. Our story is one of energy, passion, ambition, people, and teamwork. We harness the power of our experience, stretching back over a century and a half to deliver certainty for our clients.
As part of the Disability Confident scheme, we aim to enable access to candidates with long-term health conditions and disabilities through the 'Offer an interview scheme'. This supports applicants who meet the essential criteria by offering an interview. Please inform us prior to the interview of any adjustments required or how we can support you in the workplace.
We want our recruitment process to be accessible to all. If you need the application form in an alternative format or want to know more about our recruitment process, please email resourcingteam@laingorourke.com
#J-18808-Ljbffr