Cyfoeth Naturiol Cymru / Natural Resources Wales seeks a Specialist Security Officer to implement and maintain robust cyber security controls, ensuring compliance with legislation and standards such as NCSC guidance, ISO 27001, GDPR, and public sector frameworks (Cyber Essentials Plus, PSN, NIS2). The role will support the organisation’s cyber resilience strategy and report to the Information Management and Security Team Leader.
Responsibilities
* Monitor security alerts and threat intelligence feeds to detect and respond to cyber incidents.
* Lead or support incident response activities, including investigation, containment, eradication, and recovery.
* Manage and maintain security tools such as SIEM, endpoint protection, vulnerability scanners, and firewalls.
* Conduct regular vulnerability assessments and coordinate remediation efforts.
* Support the development and enforcement of security policies, standards, and procedures.
* Conduct risk assessments and contribute to the organisation’s risk register.
* Ensure compliance with public sector cyber security frameworks (e.g., Cyber Essentials Plus, PSN, NIS2).
* Deliver cyber security awareness training and phishing simulations to staff, promoting a culture of security across the organisation.
* Provide security input into ICT and digital transformation projects.
* Conduct security reviews of new systems and services, ensuring secure‑by‑design principles.
* Liaise with internal stakeholders, external partners, and national cyber security bodies (e.g., NCSC, law enforcement).
* Prepare reports and dashboards for senior management on cyber security posture and incidents.
Position Details
This post reports to the Information Management and Security Team Leader. Work is on a flexible shift pattern to cover service hours and includes participation in the security ‘Out of Hours’ rota.
#J-18808-Ljbffr