Contract - Information Security Manager
Hybrid
Bracknell, United Kingdom
Freelance
16-04-2025
Job Specifications
At Honda we embrace inclusion in our various policies, so whilst our contracts state that the hours are as required to fulfil the role with a minimum of 35 hours per week, we offer flexibility for when you work. The regular office hours are 08:00 – 16:00 Monday to Thursday with a half hour lunch break & 08:00 – 13:00 on a Friday. However, we offer flexibility of when you work with our daily flex-time start of between 07:00 and 11:00 providing that there is no business requirement.
Whilst there is no contractual right to work from home, the flexibility we offer is that you can request to work from home 2 days per week, again providing there is no business requirement to attend the office.
Role
Honda is embracing digital technology to transform the way we do business across all of our product lines. From online selling and connected vehicles to implementing the latest technology in our back-office operations, we need to ensure that business agility is supported by a robust security governance framework, protecting Honda’s and our customers’ information and data.
As a member of the regional IT security team you report to the Head of Security and Networking. You will be responsible to oversee and coordinate IT security operations across all locations in Europe, covering Honda’s sales, logistics, manufacturing and R&D entities.
You will address identified IT security risks and issues, on an organizational and technical level. Propose changes to existing IT Security policies and procedures to ensure operating efficiency and compliance.
Perform risk assessments and compliancy checks against existing solutions and projects, ensuring Honda’s IT security requirements are met.
You advise Honda IT staff and business users on complex IT security matters and support them during various project activities.
As part of Honda’s global organisation, you closely work and coordinate with Honda Motor’s (Japan) global security team on IT security governance and operation initiatives.
Main Responsibilities
Coordinate IT security operational activities with providers and IT staff.
Coordinate and perform threat and vulnerability management activities, identify risks, recommend treatment plans and provide communicate information.
Coordinate and perform security incident management activities, including detection, response and reporting.
Monitor and report on technical and operational IT security controls.
Recommend and implement security controls to meet security policies, legal, regulatory and audit requirements.
Report on compliance with security policies.
Propose changes to existing IT Security policies and procedures to ensure operating efficiency and compliance.
Provide expert guidance to projects on IT security matters.
Advise IT staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
Work with the IT Security Manager to develop a security roadmap that addresses identified risks and business security requirements.
Stay up to date with IT security related technologies and competences.
Prepare and conduct security awareness and security training initiatives.
KPI’s
High level of compliance with Information Security regulations, standards and internal policies.
Low number of Information Security incidents per severity.
Low average of response time on Information Security incidents per severity.
High accuracy of threat and vulnerability analysis.
Effective remediation plans and controls for identified vulnerabilities.
Required
Qualifications, skills and experience:
Bachelor / Masters degree and / or significant experience in IT and IT security related matters, preferably in an international environment.
Preferably holds an Information security professional certification such as CISMP.
Good knowledge and understanding of Information security technologies such as:
Access control
Vulnerability management
Data loss prevention
Web Security
Anti-malware controls
IDS/IPS
IT networks
System Administration
Excellent problem-solving skills, capable of working under pressure on highly complex IT solutions.
Strong information security risk-based prioritisation capabilities.
Good communication skills (able to explain complex technical concepts to both cyber professionals as well as business colleagues).
Desirable
Willing to travel occasionally within Europe.
Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA), the European Union Privacy Directive, and the Japanese Financial Instruments and Exchange Law ("J-SOX").
An understanding of operating system internals and network protocols.
Experience in application and system technology security testing.
Project management skills and experience in creating and managing project plans, including budgeting and resource allocation.
Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
Honda is committed to the principle of equal opportunity in the workplace for all employees, temporary workers, contractors, applicants and visitors. Honda also encourages respect for the individual differences and talents of others while making full use of one's own abilities, based on Honda's philosophy of respect for the individual.
At Honda, we value and celebrate diversity and are committed to being a fair, non-discriminatory company that promotes and welcomes the uniqueness and differences of people around the world. We recognise that a diverse workforce allows for different ideas and perspectives, and we encourage everyone to share them. We strive to foster a culture of belonging that is consistent with Honda's core values and lived out in the way we work and respect each other. For us at Honda, diversifying our workforce means increasing its overall strength by providing people with equal opportunities - regardless of personal characteristics or previous careers.
This commitment flows directly from the Honda philosophy and the belief that we are all working towards a common goal. Honda recruits, hires, trains and promotes the most qualified/experienced individuals at all levels without regard to race, origin, religion or belief, gender, sexual orientation, age, disability or any other protected characteristic.
About the Company
We are a company built on dreams. And these dreams inspire us to create exciting, innovative and beneficial products. ‘The Power of Dreams’ is our way of thinking and allows as to be a global business like no other. Honda is the largest engine manufacturer in the world and the business is comprised of more than 500 companies with 134 production facilities in 28 countries, plus another 31 R&D centres in 15 countries. Honda designs, develops, manufactures, distributes and sells cars, motorcycles, marine engines, ATVs, lawn... Know more
Related Jobs
- Company Name
- Stott and May
- Job Title
- Azure AD Consultant (Security Cleared)
- Job Description
- Azure Active Directory Consultant (Azure AD) *candidates must hold an ACTIVE and transferable SC* Start: 2nd June Duration: initial 9-weeks Pay: negotiable, inside IR35 Location: ad hoc travel (minimal, must be commutable to central London) We're looking for a specialist engineer to lead a key identity and access management project for a client. You'll be responsible for designing and deploying a secure, best-practice solution to separate high-privilege user accounts across a hybrid On-Prem Active Directory (AD) and Microsoft Entra environment. What you'll be doing - Investigate the current hybrid AD/Entra setup and user provisioning process using Microsoft tools. - Identify all existing privileged users and roles across On-Prem and cloud environments. - Design and test a secure, compliant solution for privileged account separation in line with NCSC and Microsoft guidance. - Conduct user group testing and ensure minimal disruption during rollout to 30-150 users. - Support deployment, produce high-quality technical documentation, and create clear summary reports for client approval. What you'll need - Strong expertise in Active Directory (OU design, GPOs, Tier-0 models). - Advanced knowledge of Azure AD/Microsoft Entra ID, including role and identity management. - Hands-on experience with Azure AD Connect, including filtering, sync issues, and admin disentanglement. - Familiarity with Privileged Identity Management (PIM), JIT access, and PAW deployment. - Solid understanding of zero-trust security, least privilege, and change management principles. - Experience writing technical documentation, test plans, and client-facing reports. - Excellent communication and interpersonal skills, with the ability to manage multiple priorities and stakeholders.
- Company Name
- Public Sector Resourcing
- Job Title
- Security Architect
- Job Description
- On behalf of the Met Office, we are looking for a Security Architect (Inside IR35) for a 6 month contract based in Exeter office once per month. As the Security Architect within the Security Operations team of the Met Office’s Cyber Security Department, you will design and implement security solutions that protect Met Office digital services. You'll advise on enterprise security initiatives to further enhance our cyber security posture, safeguarding systems that are essential to public safety and national security. This role requires close collaboration with our Security Operations Center and Vulnerability Management teams to continuously improve our security services. This role will specifically support the deployment of our Network Detection and Response solution. As a Security Architect, your main responsibilities will be: * Design and implement enterprise security solutions for on-premises and cloud-based systems by applying technical architecture, risk management, and threat analysis to create solutions that are resilient from attack * Assess and improve security postures to address evolving cyber threats, keeping our operational defences proactive and effective by identifying risks and closing gaps * Develop security solutions that enhance our ability to protect, detect and respond to, and recover from cyber incidents * Lead and coach teams on cyber security practices, technical excellence, while fostering a culture of collaboration and personal development * Assess risks related to proposed changes and recommend security controls that support business objectives Essential: * Experience in designing and successfully delivering technical designs from concept to completion using standardised control frameworks (such as 27001/2) appropriately * Ability to develop and communicate security concepts (vision, principles, and strategy) that manage security risks to information, systems, and processes that support the delivery of balanced and cost-effective risk management decisions * Experience communicating security and risk effectively, apply security principles to business requirements to provide confidence * Ability to lead and coach personnel across departments on cyber security best practice to ensure common tools and patterns are used effectively to deliver secure solutions with proportionate controls to enable business outcomes. * Knowledge of industry security solutions including network detection and response, security information and event management, extended detection and response, threat intelligence and vulnerability management. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the Met Office guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".
- Company Name
- Searchability NS&D
- Job Title
- Security Architect
- Job Description
- SECURITY ARCHITECT – OUTSIDE IR35 NEW OUTSIDE IR35 CONTRACT OPPORTUNITY AVAILABLE FOR A SECURITY ARCHITECT IN FARNBOROUGH Searchability NS&D has a permanent opportunity for an Security Architect to work across an exciting range of projects Must have active MOD DV Clearance Day rate up to £675 Outside IR35 Role is based in Farnborough – 3/4 days on site per week For more details please call me on 07842 002 256 or email shaun.varley@searchability.com WHAT WILL THE SECURITY ARCHITECT BE DOING? Risk Management within a Defence and Security Sector; Security / Cyber architectures are proportionate to the GSC of the systems; Security architectures are delivered in conjunction with other IT Architects and SMEs; Apply security design specifics to develop the security architecture; Strategic direction of Security projects; Producing evidence to meet various MOD regulations; Designing options and solutions to mitigate vulnerabilities; Working with various teams across the business including Software Engineering, DevSecOps Engineering, Infrastructure Engineering, Agile and Cyber Security; and Either holds or has recently held government security clearance already, or is suitable for and willing to go through the vetting process (suitability would include an absence of a serious criminal record, a right to work and live in UK and, preferably, a record of 5 years’ UK residency), SKILLS & EXPERIENCE DESIRED: Able to perform Risk management using industry approved methodologies (such as NIST 800-53). Identification of suitable risk management activities (technical, physical, or procedural) to treat /mitigate the identified risks; Support development in a secure by design methodology; Be able to work at a technical level with teams; Identification / design / selection of appropriate security components to provide security enforcing functions (e.g. network, endpoints, cryptography, authentication, authorisation, data inspection etc) for a variety of infrastructures including cloud environments; Legal and regulatory topics that merit consideration when conducting various activities in the field of cyber security; Creation of security documentation to support the development of a system, these could include: security Aspects, Risk Assessment, Risk Management, Security Policies, Security Test Plans/Results, Evaluation documents; Knowledge of JSP 604 / 453 and creation if assurance artefacts; and High standards in written report and design documentation. DESIRABLE: Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments Appreciation of the constraints and requirements imposed on development within secure, safety critical environments Concepts and technologies that are used to engineer systems which inherently protect systems; Understanding of MOD and other departmental IT in defence and security Experience of working with MOD Accreditors; and Knowledge of Onsite / project tech stack includes but is not limited to Azure, AWS, Docker, Kubernetes, Apache (NiFi, Kafka), NodeJS, Typescript, MongoDB, AI, Machine Learning etc. TO BE CONSIDERED…. Please either apply by clicking online or emailing me directly to shaun.varley@searchability.com - I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Shaun Varley. I look forward to hearing from you. SECURITY ARCHITECT KEY SKILLS: SECURITY / ARCHITECT / DEFENCE / GOVERNMENT / SECURITY CLEARED / SECURITY CLEARANCE / SECURITY CHECK / DEVELOPED VETTING / DEVELOPED VETTED / DV CLEARED / DV CLEARANCE / DEEP VETTED / DEEP VETTING
- Company Name
- Harvey Nash
- Job Title
- Network Field Engineer
- Job Description
- Network Engineer| 12 Month Contract (TBC) | (Outside IR35) | Hybrid (Edinburgh) | Starting ASAP Market Rates You will be a Network Engineer with extensive practical day to day and some strategic Cisco switching and routing experience with a CCNA certificate at minimum. Though experience in Palo Alto, F5, Collaboration, VPN, Windows and Linux is advantageous. You need to be technically skilled and have the drive and the ability to be proactive to deliver results as part of the overall change programme. You will need to be able and experienced in travelling to all parts of Scotland, this includes some days at the weekend and at nights will be required to deploy our SD-WAN solution as well a nationwide LAN upgrade program. Promoting best practice in network management you will ensure that policy and procedures maintain quality assurance levels of a high standard. Main Duties: The key focus for this role at the start is to focus on the following projects: Deployment of SD-WAN solution to 50+ sites in Scotland, upgrade of estates wide LAN hardware/software (Triage of site failures over 50+ sites), Wi-Fi system upgrade (New controllers, AP's, expansion of coverage etc). More projects are in the works so there is scope for more works around F5, Data centre movement, management systems, VPN change to come. Programme Delivery Consult in the delivery of a design and strategy around managing a large multi-site network including SDWAN, WiFi and LAN active projects leading to you implementing said designs. Provide effective, timely and accurate advice and sound professional judgement to colleagues on networking/infrastructure design ensuring design principles are adhered to, Represent Change and Digital Innovation (Networks team) at meetings both internal and external in relation to the change programme. Consult on the overall network roadmap based on the 3 year and 5 year business plan. Provide technical design consultation to DDIA and network security. Policy and governance Ensure design compliance within PSN networks and the appropriate policies and procedures Advise best practice to Coordinate, maintain and develop existing systems to meet the needs of the business and supported Justice Partners as part of the change programme Communication Consult with operational colleagues to identify improvements to service provision to meet the ongoing and future needs of the client Attend meetings and network events as required and identify and share best practice methods Attend CAB (Change Authority Board) meetings when required to further explain submitted/proposed Network changes in line with the change programme. Ensure all collateral required by Project Managers is provided within agreed timescales. Service Development Consult with others within the business and outside agencies to continuously improve service provision and make suggestions for improvements to systems and processes based on the network roadmap. Keep current with market trends and new products in area of your specialism. Essential Skills & Experience: Proven up to date experience of Cisco equipment (2960X/XR, 4500, 9000 series as well as Nexus Switches), ideally supported by a recognised network certification. Knowledge of troubleshooting physical network site infrastructure Experience of building, managing and maintaining high availability networks with Cisco devices Working knowledge or experience in some or all of the following subjects: Cisco Networking, Unified Communications, WLC, F5 VPN, F5 Silverline/XC, IPsec tunnel and Palo Alto Firewalls. Experience of running, using and implementation of network monitoring solutions Experience of designing load balancing services Ability to work in partnership with IT colleagues and operational colleagues This role has been deemed Outside IR35 by the client. Applicants must hold, or be happy to apply for, a valid Basic Disclosure Scotland. Please click the link to apply.