Information Security Engineer

About Yondr Yondr is a disruptor. We challenge convention and simplify complexity. A global developer, owner operator and service provider of data centers, we deliver complex data center capacity needs for the world’s largest tech companies. Our exponential growth sees us looking for extraordinary people to help accelerate us towards our vision: a tomorrow without constraints.  But we can’t do this without you. About the Role  Our business is growing and we need an experienced Information Security engineer to join our Global Technology Security team with a proven track record of building/operating in a modern Information Security practice in a global organisation. You will have developed, managed and implemented information security controls and processes.   This will involve a range of activities including consultative engagements, project-work, pro-active security testing, vulnerability management, auditing, reporting and investigations.   You’ll be responsible for conducting risk assessment, policy creation and awareness training while staying up to date with other industry best practices. You’ll be hands-on with a variety of security technology and interact with various internal teams to lead and deliver best-in-class solutions in an exciting fast-paced environment.  Dynamic, smart people and inspiring, innovative technologies are the norms here.   Main Responsibilities  Drive the evolution of the company’s Information Security standards to maintain best practice and alignment with corporate policies and regulatory requirements   Be hands on in managing and maturing our security technology and processes   Investigate and respond to information and cybersecurity incidents   Provide consultation and/or education as needed and drive the adoption of security as a value add/best practice   Work in partnership with stakeholders, to ensure all projects, changes, IT standards and procedures are compliant with Information Security Standards and Policies   Manage (third party) penetration testing and facilitate any subsequent remediation activities   Act as a subject matter expert on matters of Information security relating to Yondr   Conduct 3 rd  party risk assessments to ensure suppliers are aligned with our security standards and fall within our risk tolerances   Manage phishing platform, training and related reporting    Provide guidance and subject matter expertise on processes, controls, and objectives around audit and information security activities, best practices, and process improvements   Conduct vulnerability assessments, risk analyses, and remediation tracking   to drive the attack surface management program   Conduct Identity and Access Management entitlement reviews of key platforms and applications   Engage in audits, compliance assessments, and regulatory security requirements   Maintain documentation related to security processes, incidents, and compliance requirements   Qualifications and experience  Experience with regulatory and compliance standards; ISO27001, SOC2, PCI DSS   5+ years experience working as an information security professional within a medium to large sized global organisation   Proven experience implementing, maintaining and leading an effective information security control assurance programme   Strong stakeholder management and communication skills, including technical members of staff and senior non-technical business leaders   Applied working knowledge of networking principles and the OSI model to evaluate control effectiveness and support investigation of network ‑ based security incidents   Background in working with international organizations that provide 24x7x365 operations   Must understand OT, Network and Zero-trust architecture    Understanding of email security tools, vulnerability management, penetration testing and remediation   Strong analytical, troubleshooting, and problem-solving skills   Information Security, alongside significant knowledge and experience of Cyber security   Working knowledge of Microsoft Sentinel, Qualys, Microsoft Defender, Knowbe4 are essential.     Exposure to Microsoft Purview, MDR services, UBA and IT/OT network environment are desirable   Excellent verbal and written communication skills   Ability to manage multiple priorities and work independently or within a team environment   Relevant certifications preferred, such as:   CISSP   Security+   CISA   CEH   GSEC   Microsoft Certifications   At Yondr, we want to enhance the diversity, equity, inclusion and belonging of our workforce to reflect the world we live in. Our roles are potential opportunities for everyone; all interested parties, regardless of nationality, race, ethnicity, religion, age, sexual orientation, or gender, are welcome to apply. We ensure all candidates have equitable access and consideration throughout the hiring process. Yondr is committed to fostering a welcoming, safe and inclusive work environment. We provide support through our benefits, which are inclusive of all backgrounds.