Overall View of the Role
The Lead Security Engineer will play a crucial role in overseeing our cybersecurity detection and response technologies, processes, and partners and play a key role in advising the organisation on securing systems infrastructure and data. This role is responsible for evaluating and configuring security tools and solutions, advising on security architecture, and scoping security testing and assurance exercises. The ideal candidate will have extensive experience in security, strong leadership skills, and the ability to work in a fast-paced, high-stakes environment (healthcare).
Key Responsibilities:
1. Security Operations and Incident Management:
- Oversee day-to-day security operations of our third-party managed Security Operations Centre (SOC) to ensure the ongoing protection of information systems and data.
- Monitor security events and incidents, ensuring timely detection, response, and remediation.
- Maintain and enhance incident response plans and procedures.
- Play a key role as the lead Cybersecurity technical advisor in the management of security incidents, including investigation, mitigation, and communication with stakeholders.
2. Evaluation of Security Tooling and Solutions:
- Assess and recommend cybersecurity tools and technologies to enhance the security and risk posture of the organisation.
- Conduct proof-of-concept evaluations for new security solutions.
- Ensure the integration of new security tools into the existing infrastructure, including On-prem network, OT environment (medical), and AWS cloud.
- Support the CISO to continuously review the roadmap and Cyber strategy to deliver cost effective risk based cyber technical / tooling solutions.
3. Security Architecture Advisory:
- Provide strategic guidance on the secure design and implementation of on-prem and cloud (AWS) systems / networks.
- Work closely with IT and development teams to ensure security is integrated into solution designs including our application development teams.
- Review and update security policies, standards, and guidelines to ensure alignment with industry best practices and regulatory requirements.
- Review solutions and proposed changes submitted to the Change Approval Board (CAB).
4. Security Testing and Assurance:
- Scope and manage security testing exercises, including vulnerability assessments, penetration tests, and enhance our testing plan to include red team/blue team exercises.
- Coordinate with third-party security testing vendors and internal teams to ensure comprehensive security testing.
- Analyse test results and work with relevant stakeholders to remediate identified vulnerabilities.
5. Third-Party Security Provider Management:
- Support the CISO to evaluate the use of third-party partners vs in-house provided security services.
- Collaborate with third-party security providers to ensure the delivery of high-quality security services.
- Evaluate third-party security solutions to provide the best value to the organization.
- Manage vendor relationships and ensure adherence to security requirements and standards and risk targets are achieved.
6. Leadership and Mentorship:
- Lead, mentor and establish the role as trusted advisor, to non-cybersecurity professionals in all cyber security matters relevant to their role.
- Provide input into training and awareness programs to enhance the security knowledge and skills of the wider organization.
- Foster a culture of security awareness and best practices within the organization.
The Lead Security Engineer will have frequent interaction with executives, business leaders, and external stakeholders. The Lead Security Engineer may be required to work outside regular business hours in response to security incidents or emergencies.