Security Assurance Specialist

A bit about us 

Gamma is a leading supplier of Unified Communications as a Service (UCaaS): we provide voice, data and mobile products and services to the UK, German, Spanish and Benelux business markets.

Gamma is expanding its UCaaS presence in Europe with a family of businesses focusing on digital automation, delivering Gamma-powered services to SME customers via a network of channel partners in Germany, Spain, and the Benelux region.

Our team work fast, with a start-up type of mindset but working within a leading European business.

Who are we looking for? 

Security Operations is the "front door" for Gamma's security function. Being responsive and supportive is key to building trust with our colleagues. You will maintain healthy and collaborative working relationships across Gamma Group to help foster a strong security culture. You will work closely with Security Engineering and other technical teams to drive continual improvements to our security control assurance programme.

What will you be doing day-to-day? 

• Own the operation of the risk-based Vulnerability Management System (VMS), working closely with Security Engineering to ensure that all in-scope assets are covered, and that rule sets are maintained and continuously improved to meet control requirements.
• Work with Security Engineering to transform Gamma’s third-party penetration test coordination procedure to improve efficiency, align it more closely with the VMS, and take operational ownership of the resultant process.
• Chair regular meetings with key internal stakeholders to assess high risk vulnerabilities, identify where escalation is required, and agree improvements to the VMS to meet control requirements.
• Drive the expansion of coverage of continuous configuration assessments and benchmarks, and operationalise them within the VMS.
• Identify, implement, and operationalise (with the support of internal stakeholders) new automated and continuous assessments against security controls.
• Develop automated security assurance reporting (working with tooling vendors and internal stakeholders) and take ownership of the production of regular management reporting for security controls.
• Ensure that security assurance reporting is updated in response to changes to standards or policy.
• Oversee the acceptance into service of new security tooling.

What you’ll need 

• Experience of working within Security Operations, Security Assurance, or an adjacent role.
• Understanding of common security standards and frameworks (e.g. NIST CSF, ISO 27001).
• Experience of designing and developing clear and effective operational and management reports.
• Experience of risk-based vulnerability assessment and prioritisation.
• Understanding of threat actors, their tactics, techniques, and procedures.
• Hands-on experience with vulnerability assessment, configuration assessment, and other related tooling is desirable.
• Understanding of security-related legislation and regulation applicable to Gamma is desirable but not essential (e.g. Telecoms (Security) Act, NIS2).

What do we offer? 

• 25 days PTO + bank holidays
• Your birthday off
• Private Medical Insurance
• Electric Vehicle (EV) scheme
• Pension plan
• Enhanced maternity and paternity leave
• Share-save scheme

A few things to note 

• This role will require travel to one of our office locations (Manchester) on a hybrid basis.
• We do not need agency support; we do all our recruitment in house.
• Unfortunately, we can't offer visa sponsorship or relocation support for this role.