Cyber Security Engineer

Purpose of the Job This position is the focal point for managing technology risk (TR) within the company. It requires a broad range of information technology and management consulting skills in the areas of technology security, risk, compliance, mitigation, and remediation strategies and tactics. This position will perform assessments, remediation, implementation, and integration of end-to-end solutions aimed at reducing technology risk. This position will also provide advisory services to IT management and senior executives, and serve as the facilitator for both external and internal information security audits. Job Responsibilities/Competencies * Monitor and advise on information security issues related to the systems and work flows used by the company to ensure the internet security controls are operating as intended. * Coordinate and execute IT security projects for the company. * Coordinate response to information security incidents. * Develop and publish information security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements. * Conduct company-wide data classification assessment and security audits and manage remediation plans. * Collaborate with IT management, the Legal department, Compliance Office, Plant Maintenance department, and Internal Audit department to manage security vulnerabilities. * Create, manage, and maintain user security awareness. * Conduct security research to keep informed of latest security issues. * Prepare company notifications, web content, and alerts pertaining to IT security concerns or issues. * Actively participate in technology security risk special interest groups, such as Information Technology Audit and Governance Group, CompliancEX, and Information Security Community, to stay informed and current on relevant issues, trends, and topics. * Develop, implement, and maintain the company's data loss prevention (DLP) program. * Monitor, assess, and fine-tune the company's IT business continuity and disaster recovery program. * Perform network penetration tests, application vulnerability assessments scans, and risk assessment reviews. * Coordinate annual application security audit and corrective work. * Develop and maintain information security policies and procedures (work instructions). * Design and conduct security policy education, training, and awareness activities. * Monitor compliance with company security policy and applicable law. * Coordinate investigation and reporting of security incidents. Personal Skills / Profile * Strong educational background with a Bachelor's degree in information systems, computer science, business, or public administration. * Advanced certifications such as CISSP, CISM, or GIAC are highly preferred. * A minimum of five years of progressive experience in computing and information security. * Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. * Proficiency in data loss prevention techniques aimed at securing data in use, data at rest, and data in transit. * Demonstrable knowledge of a wide array of country-specific information security standards, such as ISO/IEC 27001 & 27002; rules and regulations related to information security and data confidentiality such as HIPAA (Health Insurance Portability and Accountability Act), FERPA (Family Educational Rights and Privacy Act), PCI (Payment Card Industry), and GDPR is required. * Excellent communication skills with the ability to advise IT management and senior executives. * Ability to conduct security research and stay informed of the latest security issues. * Strong collaborative skills to work with various departments within the company. * Detail-oriented with strong analytical and problem-solving skills. Base Location Silchester, Reading, UK, RG7 2PQ Job Type: Full time, Permanent Hybrid - 2 days in the office, 3 days work from home. The world turns to Ebara Elliott Energy. Customers throughout the world choose Ebara Elliott Energy for the design, manufacture and service of their critical rotating equipment. EEE’s global service network routinely installs, overhauls, repairs, upgrades and rerates machines from any manufacturer. Customers everywhere turn to us for precision engineering, extraordinary reliability and unparalleled service