This job posting isn't available in all website languages

Application Information Security Specialist (Richmond, Greater London)

IT/Technical & Product Development
Reed Exhibitions
REE00AZC Requisition #

Application Information Security Specialist

Location: Richmond, Surrey, UK

About Reed Exhibitions

Reed Exhibitions is a leading global events organiser, with more than 500 events in 30 countries. In 2018, Reed Exhibitions brought together more than 7m event participants from around the world generating billions of dollars in business. Today Reed Exhibitions’ events are held throughout the Americas, Europe, the Middle East, Asia Pacific and Africa and organised by 38 fully staffed offices. Reed Exhibitions serves 43 industry sectors with trade and consumer events. It is part of RELX, a global provider of information and analytics for professional and business customers across industries. www.reedexpo.com

The Opportunity

Our highly motivated, collaborative, enthusiastic cross-functional team builds a market place connecting Exhibitors and Buyers to support our global events business. We need a proactive Application Information Security Specialist to work with ISMs, Product Owners, Technical Leads and Engineering Managers to validate and ensure the security of our services ecosystem. You will provide technical leadership, researching and producing technical guidelines and documentation in-line with RELX and industry best practices. You will partner with other external teams to align on goals and support continuous improvements.

You will develop and implement creative solutions, confidently ensuring security considerations are met for the implementation, maintenance and support of software in a cloud-based infrastructure. With a passion for embedding information security into operations, you will implement policies to ensure compliance with Information Security protocols, provide expert advice to the wider digital organisation, continually monitor the effectiveness of policies and promote improvements when necessary.

Key Responsibilities 

• Ensure suitable secure testing happens through the SDLC, RELX and RX security policies.

• Ensure policies are upheld, relevant security controls and standards are included within the design and security awareness provided to all engineering staff.

• Conduct technical risk assessments, such as vulnerability scanning, penetration testing, risk reviews for new applications, and third-party risk assessments.

• Handle service requests from the Business and Technology teams.

• Analyse and validate requirements, define access rules, script changes, and providing troubleshooting support related to access issues.

• Assist with reviewing existing tools, applications and processes to help optimise current capabilities, identify gaps or technical solutions to further enhance team’s effectiveness.

• Help achieve compliance, identify compliance initiatives, and author and promote appropriate security policies.

• Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to safeguard company information assets against current and foreseen threats.

• Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions.

• Develop and implement security programs: manage and execute project deliverables; develop program procedures including guidelines and flow diagrams; and develop tools or metrics that allow for measurement of successful program implementation.

• Maintain communication with peers throughout the organisation and security contacts; deliver solutions to help raise security awareness; and develop and disseminate information regarding security controls and newly identified risks.

• Assesses and measure security programs to ensure closed-loop operations.

• Actively participate the wider Infosec community.

Skills & Experience
• Advanced knowledge of security environments. Experienced in Application and Information Security Architecture, risk assessments, vulnerability and penetration testing.
• Ability to conduct technical risk assessments for new applications and third parties.
• Threat modelling, risk analysis, design and architecture of security principles for applications, APIs, Data and communication protocols
• Excellent understanding of NIST cybersecurity framework, SAS70 and/or other standards
• Detailed knowledge of application and information security testing tools (static, dynamic and web/api/mobile vulnerability scanning), standards and OWASP guidelines and security testing throughout the product development lifecycle
• Experience of working in a mixed OS, Cloud, SaaS, Web, API and Mobile Application environments
• Strong organisation/project planning, time management, and change management skills.
• Advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues.
• Advanced communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc.
• Good understanding and working knowledge of relevant legal frameworks, licencing, Data Protection and GDPR 
• Experience of security concerns at the networking layers.
• Knowledge of current and emerging cyber threats.
• Working with Agile delivery and projects teams to ensure security best practices are baked in to the ways of working Excellent communications skills, and have provided security awareness workshops

What you need to do?
If you are interested in this Application Information Security Specialist position, please get in touch with Dulce Carvalho at Reed Exhibitions. If this job isn't quite right for you, but you are looking for a new position, please get in touch for a confidential discussion on your career.

About RELX

RELX is a global provider of information-based analytics and decision tools for professional and business customers. The Group serves customers in more than 180 countries and has offices in about 40 countries. It employs over 30,000 people, of whom almost half are in North America. The shares of RELX PLC, the parent company, are traded on the London, Amsterdam and New York Stock Exchanges using the following ticker symbols: London: REL; Amsterdam: REN; New York: RELX. *Note: Current market capitalisation can be found at http://www.relx.com/investors

Previous Job Searches

Activity Feed

Job shares through Reed Exhibitions
Someone referred the Dir Data Engineering position. 10 hours ago
Someone referred the Dir Data Engineering position. 10 hours ago
Someone referred the Dir Data Engineering position. 10 hours ago
Someone referred the Dir Data Engineering position. 10 hours ago
Someone referred the Dir Data Engineering position. 10 hours ago

Similar Listings

Reed Exhibitions

Richmond upon Thames, South East, United Kingdom

📁 IT/Technical & Product Development

Requisition #: REE00B5F

Reed Exhibitions

Richmond upon Thames, South East, United Kingdom

📁 IT/Technical & Product Development

Requisition #: REE00ATP

Reed Exhibitions

Richmond upon Thames, South East, United Kingdom

📁 IT/Technical & Product Development

Requisition #: REE00BC6