Information Security Officer
  • United Kingdom Birmingham
  • ClickJobs.io
1 year before
31.01.2024
Protect and Defend
Cyber Defense Analysis
Job Description

DGH Recruitment are currently recruiting on behalf of a leading client in the professional services industry who require an Information Security Officer to join the team in Birmingham. Please note: This role requires you to be on site 1 day a week.

Responsibilities:

• Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
• Act as a subject matter expert between cybersecurity and the lines of business in the development of appropriate policies, standards, and frameworks.
• Educate stakeholders on cybersecurity-related matters in an effort to increase awareness and improve culture.
• Manage control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action.

Experience:
• Strong ability to convey complex information risk and security issues in a manner that is easily understood and actionable and constructively challenges prevailing thoughts and processes
• Excellent knowledge of the Cyber Security Industry and providers
• Good knowledge of budgeting and resource allocation procedures
• A passion for Information Security



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0003   Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0157   Knowledge of cyber defense and information security policies, procedures, and regulations.
  • K0161   Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0036   Skill in evaluating the adequacy of security designs.
  • S0078   Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167   Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning).
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0159  Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).