Renewable Energy Systems Ltd. (RES) is one of the world’s leading renewable energy developers, working across the globe to develop, construct and operate projects that contribute to a sustainable future. RES is now looking for an IT Security analyst to contribute to the appropriate risk management of information security threats arising across the business.
The role will sit in the IT department and is a direct report to the Global IT Security Manager (ITSM) who is based in the UK at King’s Langley, to assist with ITSM’s responsibility for assessing information, cyber and technology driven risks and drive the remediation of identified vulnerabilities across RES Group environments. The analyst role will be varied and broad as it needs to cover both operational security related tasks associated with day to day security incidents and management of the security queue as well as assisting with development of the security roadmap to raise the level of security maturity that the company is operating at over time. Flexibility and initiative are important to this role as well as being a good communicator, having a strong work ethic and a passion for either renewable energy or information security (ideally both!)
There is potential to split the role into two part-time roles if an exceptional candidate looking for a part time role applied; RES is passionate in the development of its staff to reach their potential and believes in the benefits of having a diversified workforce;
- Management of the IT security queue outstanding tickets
- Address security related questions directly from internal staff and stakeholders.
- Develop and implement policies, procedures and standards that meet existing and new regulatory requirements.
- Facilitate security/risk and threat awareness training for the RES Group.
- Deliver security projects as allocated relating to Access Control, Security Infrastructure & compliance risks;
- Assist infrastructure, architecture and business systems with requirements, analysing needs from a security perspective. Ensure good design practice and implementation to meet security assurance requirements.
- Contribute to change management board on technical and process changes impacting security risk.
- Supervision of all endpoint security software.
- Promote awareness of applicable standards, upstream risks and industry best practices; GDPR, etc. Supporting RES Group subsidiary businesses in ten countries including in Australia and in USA
This role is a hands-on role, as you will be the primary security analyst resource to support the ITSM. The IT security analyst role will suit someone with broad experience and knowledge across multiple security domains better than someone with deeper knowledge that is restricted to a narrower set of topics and will suit someone who is used to working in less regulated environments or with experience of working in a smaller team set-up;
As much of the externally driven threats to the organisation arrive via E-mail borne attacks such as phishing and BEC you will require knowledge and experience of dealing with users reporting suspicious emails and be capable of helping to shape and deliver a security awareness programme aimed at making users better aware of these threats;
You will require knowledge of some of the litany of security standards that have been published and be aware of privacy and assurance regulations such as GDPR.
Knowledge of ICS & SCADA specific security issues associated with Operational Technology networks would be a bonus as would be any previous experience of handling a data breach or ransomware incident.
• You must be a self-starter with initiative and a strong work ethic
• Proven ability to engage, build strong relationships, influence and partner with stakeholders across functions and geographies.
• Credible and capable; able to quickly build the confidence of colleagues and be seen as a team player.
• Determined, with a drive to deliver outstanding results.
• Passionate about security and how the enterprise can be protected
• A dynamic individual, with strong, proven delivery skills. Happy to take accountability.
• Excellent verbal and written communication skills and able to communicate with both technical and non-technical staff alike bearing in mind the audience for a given message and how best to convey it; • Not afraid to challenge and/or escalate as appropriate
• This role requires regular and timely delivery and performance to meet workload demands
• Degree from an accredited university or a technical qualification or certification, with appropriate work experience.
• As a minimum this role will require an up to date security qualification if the degree is not in computing and information security.