IT Security Engineer

Job Description Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living. Join our dynamic team and embark on an exciting journey of innovation and growth as we seek a hard-working and dedicated individual for role of IT Security Engineer to join our Global IT team. Role is key to the evolution of the Data Governance program at Smith+Nephew (S+N). This program is a critical component of a broader Cyber Security Maturity Program, with the backing of Senior Leadership. What will you be doing - Role will work in collaboration with a Governance Risk and Compliance (GRC) team, who will provide the policy and compliance expertise. Role requires a good understanding of Data Governance and associated technologies, Program Management, Audit and Information Security. - The role will be required to lead the design and technical delivery of a program of Data Governance improvements, in the following three main areas: - Identify, documentation and labelling of key data assets across the organization, through business process mapping, use of data-discover tools, and collaboration with other teams working on Privacy Law Compliance and Master Data Management. - Deploy effective process and technology controls to protect critical company data. This will primarily require the employment of DLP solutions for in prem and cloud environments, but will also include data labelling, E-mail rules and other technical data exfiltration prevention measures. - Execute on a program of audits, to assess existing data protection controls for adequacy and identify gaps. Support Data, Technology and Process Owners to remediate control weaknesses - Manage data governance non-compliances reported by the Security Operations team Serve as a mentor and architectural guidepost, elevating engineering teams to adopt industry-leading practices, reference models, and design principles, thereby instilling a culture of innovation and technical rigor. - As a Specialist you will be required to engaged with Business, Functional and Project team members, at various levels in the organization, in the execution of assessments and deployment of controls. As such a confident self-starter is would be best suited. - Collaborate with other teams in Information Security to configure and deploy data governance technologies. Deploying rule sets, Supporting implementations. - Investigating incidents of potential data governance policy infractions. Identification of key data assets across the organization. Conducting interviews and business process mapping. Use of Data Discovery technology. - Prioritizing and scheduling, assessing controls with Business, IT and IS owners, Reporting outcomes. Gap remediation, Support Data and System owners in the remediation of control weaknesses. Monitoring and managing actions to completion. - Maintaining a register of key company data assets. Assessing IT Systems and Data Repositories for appropriate Data Protection Measures. What will you need to be successful - Education: Bachelor's degree in a Computer Science or related field, or an equivalent combination of training and experience. - Licenses/ Certifications: - Microsoft Azure certifications - Azure Data Fundamentals, Azure Data Engineer Associate etc. will be an advantage - One or more professional qualifications related to Information Security and Risk Management, will be an advantage e.g. CISA, CISSP, CCSP, CCSK or similar. - Operating Mode: Work from office 2 days in a week. - Experience: - Proven relevant experience of 5 years in Information Technology / Security with: - At least 3 years performing assessments or audits of Information Security controls - High level of proficiency with Microsoft Active Directory and Azure active directory - At least 3 years working with data governance using Microsoft Azure tool stack and other data protection technologies. - Prior experience running programs or projects will be an advantage. - Understanding of current privacy law e.g. GDPR, HIPAA will be an advantage. You. Unlimited. We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve. Inclusion + Belonging - Committed to Welcoming, Celebrating and Thriving. Learn more about our Employee Inclusion Groups on our website https://www.smith-nephew.com/ Other reasons why you will love it here - Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance. - Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave. - Your Wellbeing: Parents / Parents in Law's Insurance, Employee Assistance Program, Parental Leave. - Flexibility: Hybrid Work Model (For most professional roles) - Training: Hands-On, Team-Customized, Mentorship - Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances. #YS1 Stay connected by joining our Talent Community. We're more than just a company - we're a community Follow us on LinkedIn to see how we support and empower our employees and patients every day. Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N. Explore our website and learn more about our mission, our team, and the opportunities we offer.