At a Glance
- Tasks: Lead cybersecurity initiatives, ensuring compliance and protecting sensitive data across platforms.
- Company: Coforge is a dynamic company focused on information security and risk management.
- Benefits: Enjoy flexible working options and a supportive team culture.
- Why this job: Join a mission-driven team making a real impact in data protection and security.
- Qualifications: Experience in data protection, application security, and cloud data security is essential.
- Other info: Position based in Telford, Shropshire, with opportunities for professional growth.
The predicted salary is between 36000 - 60000 £ per year.
Work Location: Telford, Shropshire
Department: Information Security & Risk Management
Reports To: Chief Information Security Officer (CISO) / Head of Information Assurance
We at Coforge are hiring Cybersecurity SME with the following skillset:
Job Summary: We are looking for a Cybersecurity SME in the UK (based out of Telford, Shropshire) with a strong experience of Data Protection, Application & Cloud Data Security.
Key Responsibilities:
- Information Security Governance & Compliance:
- Develop and maintain security policies, standards, and procedures aligned with UK GDPR and other compliance.
- Conduct risk assessments and support DPIAs for systems processing sensitive data (e.g., PII, PHI).
- Ensure security controls are embedded across enterprise platforms including Pega CRM, contact center systems, and cloud data environments.
- Design and implement DLP strategies across endpoints, cloud storage, and enterprise applications.
- Enforce data classification, encryption, and access control policies for regulated data.
- Collaborate with stakeholders to ensure compliance with data protection regulations and privacy-by-design principles.
- Define and enforce security controls for structured and unstructured data stored in cloud platforms AWS S3.
- Implement encryption, key management, and access governance for cloud data.
- Monitor data flows between cloud services and on-prem systems to prevent unauthorized access or data leakage.
- Integrate cloud-native security tools (AWS Macie) for data discovery and classification.
- Integrate with SIEM platforms e.g., Splunk for real-time monitoring and threat detection.
- Integrate logs and telemetry from Pega CRM, telephony/contact center platforms, and cloud data services.
- Define correlation rules and alerts for proactive incident detection and response.
- Conduct secure code reviews, threat modelling, and vulnerability assessments.
- Work with development and operations teams to integrate security into the SDLC and CI/CD pipelines.
Cyber Security Subject Matter Expert (SME) employer: Coforge
Contact Detail:
Coforge Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Subject Matter Expert (SME)
✨Tip Number 1
Familiarise yourself with the latest UK GDPR regulations and data protection laws. Being well-versed in these frameworks will not only boost your confidence during discussions but also demonstrate your commitment to compliance, which is crucial for a Cybersecurity SME role.
✨Tip Number 2
Network with professionals in the cybersecurity field, especially those who work with cloud data security and application security. Attend relevant meetups or webinars to gain insights and make connections that could lead to referrals or recommendations for the position.
✨Tip Number 3
Showcase your hands-on experience with tools like AWS Macie and SIEM platforms such as Splunk. If you have worked on similar projects, be prepared to discuss specific examples of how you implemented security measures and the outcomes of those initiatives.
✨Tip Number 4
Prepare to discuss your approach to risk assessments and data loss prevention strategies. Be ready to explain how you would design and implement these strategies in a real-world scenario, as this will highlight your practical knowledge and problem-solving skills.
We think you need these skills to ace Cyber Security Subject Matter Expert (SME)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, particularly in data protection, application security, and cloud data security. Use keywords from the job description to demonstrate your fit for the role.
Craft a Strong Cover Letter: Write a cover letter that specifically addresses the key responsibilities mentioned in the job description. Explain how your previous experiences align with their needs, especially in areas like risk assessments and compliance with UK GDPR.
Showcase Relevant Skills: In your application, emphasise your skills in security governance, DLP strategies, and cloud security tools. Mention any specific tools or frameworks you have experience with, such as AWS S3 or SIEM platforms like Splunk.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in the field of cybersecurity.
How to prepare for a job interview at Coforge
✨Know Your Cybersecurity Frameworks
Familiarise yourself with UK GDPR and other relevant compliance frameworks. Be prepared to discuss how you have implemented these in past roles, as this will demonstrate your expertise and understanding of the regulatory landscape.
✨Showcase Your Technical Skills
Be ready to talk about specific tools and technologies you've used, such as AWS S3, Splunk, or DLP strategies. Highlight any experience with cloud data security and application security practices, as these are crucial for the role.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to solve hypothetical security challenges. Think through your approach to risk assessments, incident response, and implementing security controls, as this will showcase your problem-solving skills.
✨Demonstrate Collaboration Skills
Since the role involves working with various stakeholders, be prepared to discuss how you've successfully collaborated with teams in the past. Share examples of how you’ve integrated security into development processes or worked with non-technical teams to ensure compliance.