Cyber Security Specialist (PAM / IAM Solutions / Application Control – whitelisting / blacklisting)

Cyber Security Specialist (PAM / IAM Solutions / Application Control – whitelisting / blacklisting)

Location: Dartford

Salary: Competitive base, car / travel allowance + benefits 
Job Type: Permanent

Be part of transforming the construction industry, be part of our Cyber Security team.

Are you able to support comprehensive Cyber Security programs whilst optimising the operational performance and reliability of Infrastructure technologies? Then we need your expertise in controls and activities for the effective management of critical cyber security platforms.

Are you skilled with Privilege Access management, Application Control and Data Loss Prevention solutions? The we need you to help optimise performance and ensure compliance to our cyber security certification requirements.

This position requires a deep understanding of security protocols, risk management, and the ability to proactively identify and mitigate potential threats to the business, whilst delivering cyber security with a service mindset. You will work closely with cross-functional teams from infrastructure and network support analysts across the business units to ensure the integrity and security of our applications and data.

Key accountabilities include:

• Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the business.
• Focused on day-to-day operational tasks and maintenance of core Cyber Security infrastructure service platforms, including but not limited to: 
• Manage and administer the Privileged Access Management (PAM) platform, including user access, permissions, audits and configurations.
• Collaborate with IT and business teams to integrate and expand PAM controls into existing systems and applications.
• Manage and administer the Application Control platform, including policy configuration, rule creation, and software whitelisting/blacklisting to prevent unauthorized software installations and executions.
• Collaborate with IT teams to integrate Application Control mechanisms into existing systems and processes.
• Work with cyber analysts and engineers to maintain and optimise other cyber security platforms and tools to improve performance and end-user experience. These include, but not limited to endpoint detection and response, network intrusion detection, patch management, web filtering and email security gateways.
• Develop processes and procedures to manage, monitor and improve performance, reliability, recovery, capacity and user-experience of cyber security controls
• Work with IT stakeholders to implement and test cyber security controls to ensure compliance with DR and BCP policies and scenaries.
• Working with the Cyber and Infrastructure Engineering team to form SME relationships
• To implement security best practices as directed by the Cyber Security Tech Ops Lead, Cyber Security Architect and Engineering teams.
• Responsible for the quality and response time of support tickets
• Ensure knowledge and information are documented and passed to the relevant Service delivery teams.
• Researches and assesses new threats and security alerts and recommends remedial actions. Play an active part in responding to and resolving security incidents (Prepare, Identify, Contain, Remediate, Recover).
• Work with key suppliers, partners and vendors to drive maximum value and security benefits from security services and solutions.
• Work with Cyber Security leadership to develop plans to enforce security requirements and address identified risks.

You will need knowledge of Infrastructure and Cyber Security principles being able to create and develop operational process. Part of the role is to develop and maintain technical documentation, procedures, guidelines, and training. This means keeping a service management mindset to provide support and guidance to IT teams for best practice. Do you have experience in Security Incident Management tools (SIEM)? How about demonstrating excellent knowledge of security technologies, enterprise systems and cloud solutions? The join our Cyber Security team and showcase your knowledge of regulation standards, compliance and governance.

Essential experience includes:

• Experience in configuring and managing PAM solutions in enterprise environments.
• Familiarity with identity and access management (IAM) principles, including role-based access control (RBAC) and least privilege.
• Strong understanding of Application Control concepts, tools, and technologies (e.g., whitelisting, blacklisting, application allowlisting). Experience in configuring and managing Application Control solutions in enterprise environments preferred.
• Around 5 years+ experience in IT including circa 3 years in an operational environment
• Knowledge of best practices of IT security hardware and software, security suites, identity and access management, and encryption.
• Understanding of security frameworks such as NIST, CIS Controls, or ISO 27001.
• Formal industry recognised Cyber Security qualification such as ISC2 CISSP, ISC2 CISM or Certified Ethical Hacker (CEH) (desired).
• Security and Network technology experience.

About us: 
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East and Australia. 

Certainty, reliability, quality – this is what our clients want. And at Laing O'Rourke, we have more than 150 years of experience delivering it. Laing O'Rourke's story is one of energy, passion, ambition, people and teamwork. We harness the power of our experience, stretching back over a century and a half to deliver certainty for our clients. 

As part of the Disability Confident scheme, we would like to enable access to candidates with long term health conditions and disabilities through the ‘Offer an interview scheme'. This supports applicants that meet the essential criteria by offering an interview for the advertised position. Please let us know prior to interview what adjustments are required as well as discussing how we can support you in the workplace. 

We want to ensure our recruitment process is accessible to all. If you need the application form in an alternative format or you would like to know more about our recruitment process, please email resourcingteam@laingorourke.com 

#LI-RH1