About the role
An enthusiastic and experienced individual to work within the Cloud Services team and help shape the company’s security and compliance services.
Ideally an experienced Information Security Engineer seeking a new challenge as subject matter expert for our cloud security consultancy services. You will have experience in customer facing roles and success helping clients adopt cloud technologies through the implementation of cloud security services. You will work closely with other Bridgeall Consultants building relationships with clients to act as their trusted advisor.
You will deliver projects including strategy, data protection and assessments against frameworks such as ISO 27001:2013 and Cyber Essentials while keeping ahead of the latest information and best practice, to provide clients with the best advice.
Bridgeall helps clients to build their Modern Intelligent Workplace and provides ongoing managed IT services. Established in 2003, with 34 staff and with 9 Microsoft Gold competencies, we have a strong track record of successful delivery.
Our staff are fundamental to our success and we are focused on helping them to develop their careers, through a culture of continual training and development from the moment you start induction to ongoing professional development throughout your career.
Competitive salary, dependent upon experience + Private healthcare
Glasgow based Office – You may also be required to work at client sites from time to time. Remote home working will be permitted several days per week if required.
Head of Cloud Services and Support
- Ability to engage as part of the sales team to provide pre and post-sales support and implementation, taking a lead role in writing tender responses to win new client work.
- Ensuring alignment with the latest regulations and compliance requirements, such as GDPR, ISO27001, Cyber Essentials, etc
- Risk analysis and review of customer’s information systems, communicating recommendations through reports and presentations.
- Assisting and educating technical teams regarding new security products and procedures
- Recommending security enhancements and providing technical security advice
- Responding to security-related incidents and providing thorough post-event analysis
- Monitoring networks for security breaches and investigating violations when they occur
- Performing vulnerability and network scanning assessments and penetration testing
- Advising on policies and procedures
- Advise on information security risks in infrastructure, process, and project implementations
- Discuss and enhance security state to key stakeholders
- Advise on potential threats and vulnerabilities recommending mitigating actions
- Provide regular and accurate management reporting on information security.
- Networking and sharing knowledge through seminars and writing thought leadership articles relating to information security best practice.
Essential skills and qualities
- Minimum 10 years’ experience (3-5+ years working with Cloud Technologies)
- Deep understanding of cloud computing technologies, business drivers, and emerging computing trends.
- Familiarity using industry standard tools for security testing.
- Practical knowledge of security threats, risks, and controls
- Security concepts relating to SSL, DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies
- Secure coding practices, ethical hacking, and threat modelling
- DLP, SIEM and anti-malware tools
- GDPR and compliance assessments
- ISO 27001/27002/27017/27018, ITIL and COBIT frameworks
- TCP/IP, computer networking, routing, and switching
- Cloud technologies, Microsoft Azure
- Knowledge of security governance, policies, and security frameworks such as – ISO27001, NIST, PCI DSS, Cyber Essentials, and NCSC cloud security principles
- Firewall and intrusion detection/prevention systems
- Good written and verbal communication skills, report writing and presentation skills
- Auditing and risk assessment methodologies
- Penetration and vulnerability testing techniques and tools.
- Project management and delivery.
- Building customer/partner relationships.
- Experience of writing technical/commercial proposals, ideally including tender responses.
- Maintains current technical expertise in the rapidly changing technology environment.
- Contribute to the internal continuous improvement culture
- Comply with operational standards and guidelines
- Problem-solving mentality.
- You are confident and articulate
- Able to work under pressure and meet deadlines
- Proactive and have ability to use own initiative and follow issues to completion
- Flexible attitude to working, both time and geographic
- Degree level education
- Certifications ISO 27001 Lead Auditor/Implementer, CISSP, CISM, SSCP
- CompTIA Security+
- CEH: Certified Ethical Hacker.
- Microsoft Certified on Office 365 / Azure
- MS-500: Microsoft 365 Security Administration
- AZ-500: Microsoft Azure Security Technologies
- Azure Cloud Services (IaaS + PaaS), Design and Administration
- Microsoft 365 Modern Workplace, Office 365 and EMS
- Microsoft Technology Stack: Windows Server, SQL, Exchange and Windows 10
- Flexible working
- Private health insurance
- 33 day holiday
- Join a great team and growing business