Trilateral Research is recruiting for an Information Security Advisor to join our Data Protection and Cybersecurity team. This position is open to candidates in the United Kingdom and the Republic of Ireland.
As an Information Security Advisor, you will support our clients in developing and ensuring robust information security policies, practices, and protections across their organisation. You will be responsible for analysing security measures, including network and application security measures, as well as organisational controls to improve the information security profile of client organisations, investigate incidents and identify and evaluate prevention and mitigation strategies.
Your expertise will be vital in improving information security practices in a range of diverse, high-profile organisations across Europe.
Our company and what we do
At Trilateral Research, we provide ethical AI solutions for tackling complex social issues, from human trafficking and child exploitation, citizen security in crisis to pollution and climate change. We transform research into innovation and sustainable impact, focusing our efforts where we can enhance societal wellbeing.
We apply rigorous, cutting-edge research when developing and accessing new technologies to ensure they achieve sustainable innovation and measurable impact. Our teams include humanities specialists, social scientists, data scientists, ethical, legal, and human rights experts who work across the technology-social disciplinary divide.
Key responsibilities include but are not limited to
Security Assessments:
- Conduct network security assessments, including reviewing Active Directory accounts, identifying exploitable vulnerabilities, reviewing and verifying firewall settings, and conducting port scans, etc.
- Assess web application security, including assessing code for vulnerabilities, assessing role/user permissions, verifying 2FA, etc.
- Conduct 3rd party information security assessments for onboarding applications.
- Conduct assessments against established frameworks, i.e., ISO 27001, NIST SP800-53, CE+, PCI DSS, NIST RMF.
- Identify and assess security risks and identify and evaluate relevant appropriate controls for mitigation/remediation.
Vulnerability Assessment & Management:
- Conduct regular and comprehensive vulnerability assessments using specialised tools and methodologies.
- Generate reports outlining the status of vulnerabilities, progress in remediation efforts, and recommendations for improvement to management and relevant stakeholders.
- Evaluate and adapt policies and procedures related to the deployment of security patches and updates across the organisation's systems and software.
- Collaborate with relevant teams to develop and implement remediation plans to address identified vulnerabilities.
- Provide guidance and recommendations for patching, configuration changes, or other corrective actions to mitigate vulnerabilities.
Security Incident Response:
- Conduct incident investigations to determine the root cause and scope of the incident.
- Perform forensic analysis by examining logs, conducting memory analysis, and preserving evidence.
- Identify vulnerabilities exploited and gather information for potential legal purposes.
- Identify areas for improvement and update incident response plans and procedures accordingly.
Required education and experience:
Essential:
- Relevant certification(s) to support responsibilities such as CompTIA Network+ / Security+, CISSP, CISA, CCNA, CEH, or similar certifications.
Professional knowledge and technical skills:
Essential:
- Minimum of 2 years’ experience in a cybersecurity or information security role.
- Proficiency in security tools and technologies, including SIEMs, vulnerability scanners, etc.
- Strong knowledge of network security.
- Strong knowledge of cybersecurity frameworks, standards, and best practices.
- Experience in conducting security assessments and incident investigations.
- Experience assessing systems against established frameworks.
Desirable:
- Experience in leading an organisation to ISO 27001 compliance and certification or other frameworks.
- Experience building and maintaining compliance documentation across an organisation.
- Strong knowledge of application security, including practical knowledge of the OWASP top ten.
Interpersonal skills:
Essential:
- Excellent analytical and problem-solving skills.
- Effective communication skills to convey complex security concepts to non-technical stakeholders.
Desirable:
- Experience working with clients in a managed services role.
What else do I need to know?
Location: This position is open to candidates based in the Republic of Ireland OR the United Kingdom (remote working available with occasional site visits).
Contract type: Permanent employment contract.
Start date: ASAP.
Salary: Commensurate with experience.
Hours: Full time.
Our compensation package includes: competitive salary, enhanced holiday entitlement increasing with service, company sick pay and family friendly pay, flexible working hours, remote working/working from home options, enhanced pension scheme based on service and continuous career development.
Please note that the closing date for applications is the 18th of November 2024 at 5pm GMT. Our hiring team will be continuously reviewing and progressing applications as they are submitted. We receive a high volume of applications, and we will only be able to progress applicants that meet all the essential requirements listed in this description.
How to apply?
Please submit your CV and complete all application questions listed, to have your application considered. We ask that you refrain from using Generative AI tools in your application submission. References will be required prior to appointment and candidates must be eligible to work in the country the role requires.
We are an Equal Opportunities employer and positively encourage applications from suitably qualified and eligible candidates, regardless of their age, sex, race, disability, sexual orientation, gender reassignment, religion or belief, marital/civil partnership status, or pregnancy and maternity. We are a Disability Confident committed and Living Wage employer.
At Trilateral Research, we value privacy and data protection rights. We have a longstanding data protection culture and promote robust ethical standards in data management and research ethics. Please read our Recruitment Privacy Notice in relation to our recruitment activities before submitting your application to work with us.