Responsibilities
- Deploy complex tooling into an existing infrastructure
- Deliver solutions created by the architecture team
- Build advanced hunting/custom detection rules
- Work with our clients to understand the maturity of their cyber security capabilities and help define strategies to become more cyber resilient
- Develop and implement custom security policies and procedures to minimize the risk of advanced cyber attacks
- Conduct technical security reviews, approval of suppliers and design and test documentation
- Act as subject matter expert to the business and to other members of the Security team as required
- Collaborate closely with architects, designers, engineers, and other cross-functional team members within the organization to ensure that our solutions are built to the highest security standards
- Build a beneficial relationship with customers through presales and thought leadership activities
- Represent the company in a professional manner and enrich client relationships to Endava’s benefit
- Assist with security incident management and response activities
- Support the formulation of RFP responses and the more general bidding process
- Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen Endava and our client’s resilience to cyber-attacks and security incidents
Qualifications and Experience
- Have a strong understanding of information security principles, techniques, and standards
- Hold several relevant Info Sec Operational Certifications
- 5+ years of full-time dedicated experience in a senior information security role focused on delivering at the enterprise level in complex environments
- Capacity to stay up to date with emerging security technologies and ability to evaluate these for Endava client environments
- Excellent presentation skills and ability to communicate with both technical and non-technical stakeholders
- Knowledge/experience in security risk assessment methodology
- Risk Management experience
- Microsoft 365 Security solutions
- Networking
- Security operations
- Vulnerability Management
- Security Auditing
- Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks
- Experience in formal document creation, such as the creation of reports or procedures
- One or more high-level security certifications (e.g. CCSP, CISSP, CISM, OSCP, CASP+)
- Background in infrastructure and/or networking
- Bachelor’s degree in Computer Science, Engineering, Mathematics, or related field or equivalent combination of education/professional experience in a similar role
