Cyber Security Specialist (PAM / IAM Solutions / Application Control – whitelisting / blacklisting)
Laing O'Rourke
Date: 1 day ago
City: Dartford, England
Contract type: Full time
Location: Dartford
Salary: Competitive base, car / travel allowance + benefits
Job Type: Permanent
Be part of transforming the construction industry, be part of our Cyber Security team.
Are you able to support comprehensive Cyber Security programs whilst optimising the operational performance and reliability of Infrastructure technologies? Then we need your expertise in controls and activities for the effective management of critical cyber security platforms.
Are you skilled with Privilege Access management, Application Control and Data Loss Prevention solutions? The we need you to help optimise performance and ensure compliance to our cyber security certification requirements.
This position requires a deep understanding of security protocols, risk management, and the ability to proactively identify and mitigate potential threats to the business, whilst delivering cyber security with a service mindset. You will work closely with cross-functional teams from infrastructure and network support analysts across the business units to ensure the integrity and security of our applications and data.
Key Accountabilities Include
Essential Experience Includes
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East and Australia.
Certainty, reliability, quality – this is what our clients want. And at Laing O'Rourke, we have more than 150 years of experience delivering it. Laing O'Rourke's story is one of energy, passion, ambition, people and teamwork. We harness the power of our experience, stretching back over a century and a half to deliver certainty for our clients.
As part of the Disability Confident scheme, we would like to enable access to candidates with long term health conditions and disabilities through the ‘Offer an interview scheme'. This supports applicants that meet the essential criteria by offering an interview for the advertised position. Please let us know prior to interview what adjustments are required as well as discussing how we can support you in the workplace.
We want to ensure our recruitment process is accessible to all. If you need the application form in an alternative format or you would like to know more about our recruitment process, please email [email protected]
Salary: Competitive base, car / travel allowance + benefits
Job Type: Permanent
Be part of transforming the construction industry, be part of our Cyber Security team.
Are you able to support comprehensive Cyber Security programs whilst optimising the operational performance and reliability of Infrastructure technologies? Then we need your expertise in controls and activities for the effective management of critical cyber security platforms.
Are you skilled with Privilege Access management, Application Control and Data Loss Prevention solutions? The we need you to help optimise performance and ensure compliance to our cyber security certification requirements.
This position requires a deep understanding of security protocols, risk management, and the ability to proactively identify and mitigate potential threats to the business, whilst delivering cyber security with a service mindset. You will work closely with cross-functional teams from infrastructure and network support analysts across the business units to ensure the integrity and security of our applications and data.
Key Accountabilities Include
- Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the business.
- Focused on day-to-day operational tasks and maintenance of core Cyber Security infrastructure service platforms, including but not limited to:
- Manage and administer the Privileged Access Management (PAM) platform, including user access, permissions, audits and configurations.
- Collaborate with IT and business teams to integrate and expand PAM controls into existing systems and applications.
- Manage and administer the Application Control platform, including policy configuration, rule creation, and software whitelisting/blacklisting to prevent unauthorized software installations and executions.
- Collaborate with IT teams to integrate Application Control mechanisms into existing systems and processes.
- Work with cyber analysts and engineers to maintain and optimise other cyber security platforms and tools to improve performance and end-user experience. These include, but not limited to endpoint detection and response, network intrusion detection, patch management, web filtering and email security gateways.
- Develop processes and procedures to manage, monitor and improve performance, reliability, recovery, capacity and user-experience of cyber security controls
- Work with IT stakeholders to implement and test cyber security controls to ensure compliance with DR and BCP policies and scenaries.
- Working with the Cyber and Infrastructure Engineering team to form SME relationships
- To implement security best practices as directed by the Cyber Security Tech Ops Lead, Cyber Security Architect and Engineering teams.
- Responsible for the quality and response time of support tickets
- Ensure knowledge and information are documented and passed to the relevant Service delivery teams.
- Researches and assesses new threats and security alerts and recommends remedial actions. Play an active part in responding to and resolving security incidents (Prepare, Identify, Contain, Remediate, Recover).
- Work with key suppliers, partners and vendors to drive maximum value and security benefits from security services and solutions.
- Work with Cyber Security leadership to develop plans to enforce security requirements and address identified risks.
Essential Experience Includes
- Experience in configuring and managing PAM solutions in enterprise environments.
- Familiarity with identity and access management (IAM) principles, including role-based access control (RBAC) and least privilege.
- Strong understanding of Application Control concepts, tools, and technologies (e.g., whitelisting, blacklisting, application allowlisting). Experience in configuring and managing Application Control solutions in enterprise environments preferred.
- Around 5 years+ experience in IT including circa 3 years in an operational environment
- Knowledge of best practices of IT security hardware and software, security suites, identity and access management, and encryption.
- Understanding of security frameworks such as NIST, CIS Controls, or ISO 27001.
- Formal industry recognised Cyber Security qualification such as ISC2 CISSP, ISC2 CISM or Certified Ethical Hacker (CEH) (desired).
- Security and Network technology experience.
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East and Australia.
Certainty, reliability, quality – this is what our clients want. And at Laing O'Rourke, we have more than 150 years of experience delivering it. Laing O'Rourke's story is one of energy, passion, ambition, people and teamwork. We harness the power of our experience, stretching back over a century and a half to deliver certainty for our clients.
As part of the Disability Confident scheme, we would like to enable access to candidates with long term health conditions and disabilities through the ‘Offer an interview scheme'. This supports applicants that meet the essential criteria by offering an interview for the advertised position. Please let us know prior to interview what adjustments are required as well as discussing how we can support you in the workplace.
We want to ensure our recruitment process is accessible to all. If you need the application form in an alternative format or you would like to know more about our recruitment process, please email [email protected]
See more jobs in Dartford