Security and Resilience Manager
Hybrid
London, United Kingdom
Full Time
16-04-2025
Job Specifications
About CEPI
Launched in 2017, the Coalition for Epidemic Preparedness Innovations (CEPI) is an international coalition of governments, academic, philanthropic, private, public, and intergovernmental institutions whose vision is to create a world in which epidemics and pandemics are no longer a threat to humanity. Our mission is to accelerate the development of vaccines and other biologic countermeasures against epidemic and pandemic threats so they can be accessible to all people in need. CEPI played a central role in the global response to COVID-19, creating the world’s largest portfolio of COVID-19 vaccines – seven of which are approved for global or domestic use - and co-leading COVAX, the global initiative to support equitable access which supported the delivery of over 2bn vaccine doses globally. CEPI has CEPI has contributed to a number of scientific breakthroughs in vaccine development against other infectious diseases, including the first ever licensed Chikungunya vaccine and the first Nipah and Lassa virus vaccines into Phase 1 trials.
As COVID-19 has demonstrated, emerging infectious diseases represent an existential threat to our way of life. COVID-19 is not the first pandemic of the 21st century, and unless we act now, we can be sure that it will not be the last. Unlike some of the other big threats that humanity faces, we have the tools to systematically reduce and even eliminate the risk of future pandemics. It is vital that we capitalise on the rare alignment of political will, practical experience, and technical and scientific progress emerging from the pandemic to prevent such devastation happening again. CEPI’s five-year plan for 2022-2026 – known as CEPI 2.0 - aims to dramatically reduce or even eliminate the future risk of pandemics and epidemics. Central to the plan is CEPI’s goal to accelerate the time taken to develop safe, effective, globally accessible vaccines against new threats to just 100 days. Achieving this ‘100 Days Mission’, which has been embraced by the G7 and G20, would give the world a fighting chance of containing a future outbreak before it can spread to become a global pandemic, potentially averting millions of deaths and trillions of dollars in economic damage.
CEPI is a not-for-profit association under Norwegian Law and has offices in Oslo (HQ), London, and Washington DC.
In CEPI we strive for diverse thinking, and we want a diverse pool of candidates for all our vacancies. We work for an inclusive working environment where each employee can contribute and grow.
More details about CEPI and our mission can be found on our website: www.cepi.net
About the role
CEPI is committed to establishing a safe and secure working environment such that we can pursue our mission without disruption, harm or concern. CEPI's security and resilience function is a part of the Governance, Risk and Compliance Department, and supports the organisation by putting in place measures which mitigate security risks while at work, during events, and during travel; we also plan for how to respond most effectively when there is an incident or disruption. This role is an exciting opportunity to contribute to the development of this function for a one-year, fixed term contract.
The Security and Resilience Manager will work closely with the Acting Security and Resilience Lead and will engage with colleagues across the organisation to identify and mitigate security risks, improve resilience, and raise awareness of relevant topics and safeguards.
We are looking for someone with strong prior work experience in a professional setting, a positive and curious attitude, and strong organisational skills. The ability to effectively communicate is essential, both verbally and in writing. The role will require you to be self-motivated to learn the operations of CEPI and will involve work that is both independent and collaborative. You will also need great judgement and be able to adapt to a fast-paced and continuously changing environment. This is a 1 year fixed term full time role.
Responsibilities
Support the continued development of our physical security programme, including a focus on travel security, event security, workplace security, intelligence, and training and awareness activities;
Support the continued development of our resilience programme, with a focus on crisis management and business continuity;
Collaborate with CEPI’s cybersecurity function to ensure a holistic view of security and resilience;
Review security risks involved in our programmatic work, including the evaluation of security controls of third parties, and offer balanced advice on how to encourage the management of these risks;
Manage third party service providers in accordance with contracted SLAs and KPIs;
Develop and maintain strong relationships with internal and external security stakeholders;
Take ownership of security and resilience mechanisms within CEPI, in line with your interests and previous experience; and
Support the organisation with other security and resilience needs as needed and adapting to organisational priorities.
Education, Experience and Competence
Essential: Bachelor’s or Master’s degree in international affairs, security, resilience, business management, or related field.
Essential: Minimum 5 years security/resilience work experience.
Preferred: Advanced training or certification in security
Essential: Proficient in MS Office and comfortable with applying new IT tools across tasks.
Experienced in commercial resilience or security risk management, security or resilience consulting, law enforcement, military, other government security services, or a combination thereof
Broad and current knowledge of security management, travel security, event security, information security, and resilience best practice
Experienced in managing incidents
Experienced in working across organisational functions to develop integrated, holistic, pragmatic, and optimum approaches and solutions to present-day security challenges
Expertise in a specific geographic region a plus
Strong written and verbal English language skills. Other languages, including Spanish or Portuguese, a plus
Comfortable working at all levels of the organisation
Demonstrable analytical skills, risk awareness and project management when supporting complex projects, or advising on strategic decisions
Ability to plan, organise and prioritise workloads, keeping stakeholders informed and managing expectations
Proven relationship building and influencing skills
Ability to adapt and work within a multicultural, multidisciplinary environment
Travel and Location Requirements
Position is based in either London, UK, or Oslo, Norway.
Applicants should be based in either UK/Norway and hold a valid work permit. We will not relocate or sponsor a work visa for this one-year, fixed term role.
Travel to as assigned, occasionally at short notice
What we can offer you
Experience in the international effort to develop vaccines against em...
About the Company
CEPI is an innovative partnership between public, private, philanthropic, and civil organisations, launched at Davos in 2017, to accelerate the development of vaccines and other biologic countermeasures against epidemic and pandemic threats so they can be accessible to all people in need. CEPI’s 2022-2026 plan, known as CEPI 2.0, is helping the world to make the scientific progress needed to respond to the next Disease X threat with a new vaccine in just 100 days. This goal is known as the 100 Days Mission. Learn more ab... Know more
Related Jobs
- Company Name
- Databricks
- Job Title
- Staff Security Engineer, Field Assurance
- Job Description
- RDQ326R19 We are seeking a Staff Security Engineer, Assurance Field Engineering, to join our Security organization. In this role, you will work side-by-side with Databricks’s strategic customers, partner with our field, and support essential security programs. You will play a key role in evangelizing Databricks’ comprehensive security program to our customers and the general market. This is a high-impact position that helps to meet customer security requests related to the output of our assurance team and the requirements of our customers’ assurance teams. It is a unique role for a well-rounded, field-facing security professional with deep knowledge in the assurance space. The Impact You Will Have Build a direct and ongoing relationship with security teams at our top customers across the EMEA region (Europe, Middle East, and Africa) to support customer risk audits and periodic security reviews. This includes how Databricks can support customer compliance requirements with regional regulations, including DORA, the EU Cybersecurity Act, and GDPR frameworks. Participate as a member of the field security team in strategic customer meetings by providing insights on security and compliance best practices that may be relevant to the EMEA region. Enhance the visibility of assurance offerings by supporting and participating in market initiatives within the EMEA region. Enhance the Security questionnaire process to improve service levels and efficiency. Contribute and participate in field activities such as webinars, conferences, blogs, etc. Interpret customer feedback into technical product requirements to best support compliance with EMEA regulations. Write high-level documents to update prospects and customers on relevant features and programs that successfully address regional compliance needs. What We Look For 8+ years of architecture experience building, consulting to, or implementing technology risk programs Well-versed in the overall challenges facing customers around our solutions' security, compliance, legal, and regulations with an enhanced focus on the EMEA region. Experience solving complex problems, serving as a subject matter expert in security, and delivering impactful solutions across the company. Proficiency in various cloud service platforms and security areas, focusing on addressing unique customer security challenges throughout the EMEA region. Experience leading cross-functional teams to complete projects with multiple dependencies and constraints. Ability to build relationships with and manage diverse stakeholders remotely Understanding of Data Science and Machine Learning concepts and applications Outstanding presentation skills to both technical and executive audiences, whether impromptu on a whiteboard or using presentations and demos Bachelor’s Degree required, Master's Degree in computer science, engineering, mathematics or related fields, or equivalent experience preferred About Databricks Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook. Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks. Our Commitment to Diversity and Inclusion At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics. Compliance If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
- Company Name
- TRM-International
- Job Title
- Network Security Engineer
- Job Description
- Financial Trading Company who work with global companies on front office trading systems and connectivity are looking to hire Security Engineers & Development Operations specialists. The roles will encompass automation and compliance, incident response, web security, infrastructure security, platform engineering and technical support including maintenance and support. The ideal person will be educated to degree level with a Computer Science or Engineering degree. Have experience of doing dev ops engineering in the past Security platform engineering experience Understand ISO27001 or SOC2 Strong infrastructure support gained ideally in financial trading environment or similar Automate cloud security Excellent opportunity to work on cutting edge financial and trading technologies along side exceptional technologists that you can learn from.
- Company Name
- McGregor Boyall
- Job Title
- IT Security Manager
- Job Description
- IT Security Manager – £67,000 + Benefits Looking for a technical, hands-on IT Security Manager to join a lean and growing security team. Requires a technical skillset, experienced with the microsoft Security stack as well as a diverse range of hands-on ability. What You’ll Be Doing: Lead the technical implementation of ISO27001 and Cyber Essentials+ (CE+) Manage and enhance the Security Operations Center (SOC), with one analyst reporting to you Oversee incident response, manage security incidents from detection to resolution Work closely with the compliance manager on vulnerability management Architect secure solutions, validate baseline configurations, and recommend improvements to stay compliant Collaborate with key stakeholders including Compliance and Infrastructure teams Required Experience: Microsoft security suite experience – Microsoft certifications are highly valued Familiarity with SIEM tools – Microsoft Sentinel or similar Experience managing network security and firewalls Exposure to PenTesting methodologies or practices (desirable) Experience with NAC solutions like Cisco ISE, ForeScout, or similar Strong grasp of vulnerability management processes Desired Certifications Microsoft Security certifications (preferred) CISM or CISSP (beneficial, not essential) Apply now or reach out for a confidential chat- ngoren@mcgregor-boyall.com
- Company Name
- Job Title
- Security Consultant, SIEM/SOAR, Mandiant
- Job Description
- Note: By applying to this position you will have an opportunity to share your preferred working location from the following: London, UK; Dublin, Ireland.Minimum qualifications: Bachelor's degree in Computer Science, Information Systems, Cyber Security, related technical field, or equivalent practical experience. 6 years of experience in a Detection Engineering or related role, working with EDR and SIEM technologies. Experience using multiple operating systems, directory service software, and document, spreadsheet, and presentation software. Experience with detection tuning and creation leveraging various security tools including SIEM, EDR, or NDR tools. Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.). Knowledge of scripting languages (e.g., PowerShell and Python). Understanding of logging for common platforms and devices, including Linux and network equipment. Understanding of SIEM log flow, aggregation, and forwarding. Ability to engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution for security issues. About The Job In this role, you will be responsible for enabling the technology and tools required to accomplish daily tasks within a Cyber Defense Center (CDC). You will collaborate with multiple cross-functional teams such as Security Architects, Security Analysts, Client Information Technology (IT) resources, and other business resource owners, to define requirements and deliver recommendations focused on technologies required to support the client's CDC. In addition, you will be responsible for maintaining the operational readiness of client Security Information and Event Management (SIEM), creating detection content, identifying areas for improvement, and setting appropriate configurations of the SIEM or related response technologies required for a client's Security Operations Center (SOC) to maintain effective incident detection and response capabilities. You will be developing and supporting automation playbooks within a client's Security Orchestration and Automated Response (SOAR) platform. You will work as a member of a technical team in a rapidly changing environment, administer a variety of information security technologies, learn new emerging technologies, and be passionate about protecting customer data and corporate assets from the threats facing multiple industries. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Responsibilities Identify issues in customer cyber defense centers and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or sigma open signature format. Provide expertise for SIEM and other SOC technologies that assist in incident response. Measure and improve alert fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc. Support development of automations and orchestration playbooks in client SOAR platforms. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .