Cyber Security Specialist
Job Introduction
As a Cyber Security specialist, you’ll analyse business requirements, technical solutions or processes to identify security-related risks, and provide guidance on how they can be managed effectively through either technical or non-technical solutions. You’ll also make sure that the company’s system security is maintained and improved where possible.
You will work constructively and collaboratively with colleagues across the company and external suppliers, using a range of information security technologies and applying best practice to support the ongoing protection of digital assets and services from a growing list of cyber threats.
In return, this role presents you with an exciting opportunity to represent the IT & Cyber Security activity transformation programmes across the business. You can expect a positive and inclusive working environment, training and development opportunities, and excellent holidays and benefits. In addition, we will provide an environment that supports a healthy work-life balance.
Role Responsibility
- Define and maintain a vulnerability testing programme across Sodexo and its suppliers to ensure vulnerabilities are identified in a timely manner and handled adequately
- Monitor vulnerabilities for the whole estate, covering on-premises assets as well as external SaaS and public cloud assets as needed
- Lead the penetration tests and technical security audits schedule (source code review, architecture review, etc.), report findings and lead the remediation program
- Act as the Subject Matter Expert (level 3) on security solutions (antimalware, vulnerability scanner, EDR, MFA, etc.) and work as solution owner
- Be the spokesperson and referent for the deployment of security solutions
- Contribute to pilots and proof of concepts to enhance IT & Cyber Security capabilities
A full list of responsibilities can be found in the attached job description.
The Ideal Candidate
- Demonstrated experience of driving reduction of vulnerabilities within an enterprise
- Experience with risk-based vulnerability management
- Experience of establishing and maintaining operational security solutions management processes, procedures, and tools at enterprise level
- Hands-on experience of selecting, deploying and maintaining a variety of security solutions such as vulnerability appliances/agents, EDR, antimalware, MFA, etc.
- Hands-on experience in network/server and security operational roles
- Experience in automating manual processes in line with DevOps/DevSecOps
- Experience of leading penetration testing and technical security audit engagements
- Experience of communicating technical information to a non-technical audience to define relevant action plans with the business and IS&T
- Proficiency in core information security principles (access control, operating system security, vulnerability management, etc.)
- Solid understanding of exploitable vulnerabilities
- Knowledge of MITRE ATT&CK framework
- Knowledge of NIST framework and OWASP
- Knowledge of Microsoft Enterprise access model and AD tier model
- Knowledge of the Zero Trust concept
- Rigorous, organised and resilient
Desirable
- Experience of penetration testing
- Experience of establishing and conducting proof of concepts with security solutions
Package Description
Salary - £47,000 - £59,000 plus 10% bonus and flexible benefit fund
As part of our commitment to improving the quality of life for our employees, Sodexo offers a Flexible Benefits Scheme, allowing you to tailor a reward package to suit your needs. It includes a technology scheme, private dental insurance, travel insurance, gym membership, Gourmet card, private medical insurance, free will writing, life assurance, 24hrs GP access and the ability to purchase or sell annual leave.
We also have a Sodexo Discount scheme, which offers employees and their friends and family the opportunity to benefit from over 1,200 discounts from top retailers both online and in-store.
About the Company
In the UK and Ireland, Sodexo employs around 30,000 people, and partners with clients in many sectors across business and industry; schools and universities; sports and leisure; energy and resources; government and agencies; healthcare; justice and defence.
Sodexo’s connected, people-centric approach brings together a diverse range of expertise. The breadth of services it offers ranges from food and hospitality; cleaning; reception; concierge (Circles); security; property management and technical services through to data-driven workplace strategy and design (Wx); employee engagement and recognition services (Sodexo Engage) and personal home services through Prestige Nursing + Care and the Good Care Group.
Vital Spaces is Sodexo’s value proposition that puts people at the heart of everything we do, bringing together services and solutions and focusing on the productivity and wellbeing of people wherever they are.
Sodexo is committed to being an inclusive employer; we welcome and encourage applications from people with a diverse variety of experiences, backgrounds and identities.
We’re a Disability Confident Leader employer. We’re committed to changing attitudes towards disability, and making sure disabled people have the chance to fulfil their aspirations.
We are building on our support to the Armed Forces community through the development of specific pathways within our recruitment process to support ex-forces personnel and reservists. Those applying for jobs with us who meet the ideal candidate criteria for the role advertised are guaranteed to progress to the selection process.