IT Security Officer KMH/CN/311
Keepmoat Homes is a fast growing top 10 UK housebuilder. We design and build quality homes and create places where people want to live.
Our investment and participation helps transform communities and improves the lives of local people. We have a national presence combined with local knowledge and expertise in all aspects of housing – from finance, design and planning, to developing and building. Our comprehensive skills and capabilities give us a wider perspective across the whole housing lifecycle and we create lower risk ways of building homes people need.
For more than 90 years our work has been absolutely visible to local communities so being part of the community is in our DNA. We hire local suppliers and tradespeople and work with local communities to make sure that our plans meet their needs.
Main purpose of the role
To lead the development and delivery of security to the business through technological acumen, risk management and user awareness. The IT Security Officer will help to define, shape and protect Keepmoat Homes’ evolving digital, technology and information systems landscape; helping Keepmoat’s defenses to evolve and mature, as the threat landscape does.
- Developing and owning the IT Security Manual that documents the services in use, governance tasks and policies that need to be undertaken to keep them secure.
- Take a threat-based risk approach to implement controls when identifying risks, vulnerabilities, impact, and likelihood of breach.
- Take responsibility for, identifying and understanding what risks and security gaps exist within the business, and use their experience to effectively identify, communicate and prioritise steps to remediate.
- Perform routine risk assessments on the current landscape and user awareness through exercises such as penetration testing and simulated phishing attacks.
- Working cross-functionally to ensure both our user needs and our business objectives are met whilst hardening Keepmoat security posture.
- Demonstrate knowledge of risk / compliance and be willing to use that expertise to guide and mentor other members of the team, and effectively communicate to stakeholders at all levels, within the business.
- Accountable for both cyber and information security, working with partners and the business to identify risk, advise of recommendations, and formulate contingency plans in the event of a breach.
- Ensure that Keepmoat maintains alignment to all statutory and regulatory compliance, around data and information security legislation e.g., General Data Protection Regulation (“GDPR”), Payment Card Industry Security Standard (“PCI-DSS”)
- Coordinating with a managed Security Operations Centre (SOC) and assigning tasks.
- Ensure security processes are defined, fit for purpose, understood, and followed by the users and technical teams. Develop and maintain process documentation where the SOPs are not defined.
- Work closely with Third Party partners, service providers and vendors, to remain up to date with the latest security systems, tools, trends, and technology.
- Review architectural and solution design documents for BAU and Projects, to ensure that appropriate security and data protection controls are built-in by design.
- Own and manage projects to deliver security initiatives to the business.
- Actively participate in security focused communities, collaborating with peers and industry experts, to continuously develop experience and expertise.
- Reinforce and adhere to IT change management processes. Contribute to business change activities.
- Monitor and actively manage service costs and contribute to the IT budgeting process.
- Chair security review meetings to advise of Keepmoat security posture.
- Support the Head of Technology and Cybersecurity, and IT Director in delivering the IT security strategy and defining the IT Security roadmap.
- We are people, people. We are an engaging IT team who do not hide behind a screen or the mobile phone, so it is imperative that the IT Security Officer is competent with discussing current issues and presenting future initiatives with the business and vendors appropriately.
- We are a dynamic function. We deliver several projects, and initiatives into the business, so it is imperative that the IT Security Officer is able to multi-task and undertake several pieces of work, either directly or through delegation, at any point in time.
- We celebrate innovation. We are constantly evolving our IT strategy to align the technology to the business requirements, the IT Security Officer is expected to work with the business and vendors to suggest and deliver offerings which bring efficiencies and eliminate risk to the organisation.
People Management Responsibilities
- Co-ordination of an outsourced SOC function to ensure threat and vulnerabilities management exercises are taking place and remedied.
- Ensuring that governance activities are being carried out by the relevant teams at defined times, such as quarterly audits etc.
- To take care of your own health and safety and that of others who may be affected by your work and adhere to the Keepmoat Health, Safety and Sustainability standards.
Skills, knowledge & experience
- Experience of performing risk assessments against internal and external systems, and external providers
- Skilled in designing, implementing, and maintaining risk/compliance/security protocols, policies, plans, and systems to cover all possible threats.
- Adept at writing well-structured and sufficiently detailed technical reports / policies
- Strong experience of performing and/or supporting vulnerability assessments tests
- Well-developed interpersonal and communication skills are required to interpret supplier/partner and customer requirements
- Good written communication skills to prepare reports and papers for stakeholders
- A flexible approach and the ability to work well under pressure is required to manage unpredictable workloads
- Ability to think creatively and to problem solve
- Excellent customer service skills
- Happy to travel between sites when required
- Experience of proposing and managing business change
- Experience using ServiceDesk platforms
- Experience of handling external suppliers
- Highly organised self-starter
- Bright, self-motivated and driven
- Flexible and adaptable
- Good verbal and written communicator
- Ability to work both alone and as part of a team
- Ability to work within diverse groups
- Experience in the design, deployment and use of security monitoring capabilities eg, Syslog and SIEM
- Experience of having supported the attainment and retention of any industry recognised Information Security standards eg, Cyber Essentials, Cyber Essentials Plus
- A working understanding of National Institute of Standards and Technology (“NIST”)
- Strong understanding of data protection techniques and capabilities i.e, encryption, and their practical adoption and use
- Any current/recent Cybersecurity training and/or qualifications.
- Good technical understanding of IT & Digital fields
- Experience working for a house builder
- Building and engaging user communities
Education & qualifications
- Evidence of professional development
- Certified ISMS Risk Management (CIS RM)
- CISMP – Certificate in Information Security Management Principles
- CISSP – Certified Information Systems Security Professional
Why work for us?
At Keepmoat Homes we pride ourselves on being a great place to work. As the market leader in our industry we want to ensure that we attract, motivate and retain the best people who can deliver the best service for our customers.
- Competitive rates of pay – We regularly check our pay against our competitors to make sure they reflect our position as market leader. We also review our pay every year.
- Bonus Scheme – Our annual bonus scheme is linked to team and company performance.
- Special offers for staff – We run a range of offers and discounts exclusively for our employees including holidays, health club memberships and days out.
- Trust – We encourage you to come up with ideas and get the most out of your job with us.
- Development – we offer genuine development opportunities to progress your career.
Our values are the foundation for our vision, the cornerstone of our culture and the benchmark for our achievement.
- Straightforward - We get the job done in the most efficient and effective way. We are friendly, open and honest. It’s about being respectful and working in a transparent and honest way.
- Collaborative - We work together in partnership to deliver the very best customer experience. Partnership working is key to our business. We work collaboratively to deliver the best results possible.
- Passionate - We care about what we do. We put pride and energy into delivering results. It’s important to us to do a good job.
- Creative - We are proactive, flexible and resourceful. We listen, learn and deliver solutions. We don’t offer a one size fits all solution; we are flexible and will tailor our services to our customers’ needs.
Hours: 37.5 hours per week, Monday to Friday
Location: Doncaster, DN4 5PL
Employer: Keepmoat Homes, Central Services
Job type: Full Time Permanent
Closing date: 28/02/2023