IT Specialist – Cyber Security Mott Macdonald

Mott MacDonald is a global engineering, management and development consultancy with over 20,000 employees across more than 50 countries and 140+ offices.

We work across incredible global industries, delivering exciting work that is defining our future and making an important societal impact in the communities we serve. Our people power our performance – we succeed when they do. With countless opportunities to collaborate, learn and grow, the possibilities for excellence are as varied as every individual.

Whether you want to grow as a subject matter expert or broaden your experience with roles across our international community, you’re surrounded by global specialists who want to combine their expertise and champion you to be your best. As a proudly employee‑owned business, we benefit our clients, our communities and each other, investing in creating the right space for everyone to feel empowered, included and valued. Whatever your ambition, Mott MacDonald is where people come to bebrilliant.

About the business unit

Mott MacDonald’s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach.

Key duties and responsibilities include:

• Proactively seeking out the most effective means of monitoring data loss related activities, by use of existing tools, or the investigation of new tools and methods
• Assist in the monitoring and resolution of all data loss issues as they occur, driving through forensic investigation and remediation as appropriate
• Feedback all lessons learned into Operational and/or Governance systems
• Drive and support cyber security related changes in Operational teams

Governance

Assist with driving cultural change in the organization by helping people understand data loss risks and make better choices to address enterprise security weaknesses.

Communications

Responsible for working with BMS and IT teams to communicate to the business and IT on known threats and best practices for preventing data loss, as they evolve.

Operational

• Advise on all requirements around data loss prevention and cyber security and appropriate use of specific systems or services, both those provided by IT or as required by the business, including projects with special security requirements and setup
• Acting as a point of contact for data loss prevention within operational IT teams, advising on appropriate responses, escalating as required
• Help to ensure that risk is measured and understood effectively by operational teams
• Penetration testing and vulnerability assessments
• Assist with prioritisation of security controls and remediation

Architecture

• Review and recommend tools and processes for managing information security around new and existing systems
• Price out, and advise on, the best data loss solutions
• Identify, review and evaluate technology risk
• Input to design choices for new systems to ensure security is addressed appropriately
• Scan and provide feedback on new products and risks to inform management strategy

Candidate Specification

Essential

• Develop, implement and manage data loss prevention policies, procedures and strategies to protect sensitive information
• Design and deploy DLP solutions to monitor, detect and prevent data breaches across various endpoints, networks and cloud environments
• Conduct risk assessments and gap analyses to identify vulnerabilities and recommend appropriate remediation measures
• Collaborate with cross‑functional teams to integrate DLP solutions into existing infrastructure and applications
• Monitor security events and incidents related to data loss and respond promptly to mitigate potential threats
• Stay up to date with emerging threats and industry best practices in data loss prevention and information security
• Provide technical expertise and guidance to internal stakeholders on DLP‑related matters
• Conduct training sessions and workshops to raise awareness of data security best practices among employees

Desirable

• Incident Response Management: Ability to efficiently manage and coordinate responses to security incidents, including containment, eradication and recovery processes
• Threat Intelligence Analysis: Proficiency in analysing threat intelligence feeds and identifying emerging threats relevant to the organization’s data security
• Forensic Investigation: Experience in conducting digital forensic investigations to determine the root cause of security incidents and gather evidence for legal proceedings
• Cloud Security: Knowledge of cloud computing security principles and best practices, including securing data stored in cloud environments and configuring cloud security controls
• Security Information and Event Management (SIEM): Familiarity with SIEM platforms and the ability to configure, monitor and analyse security events and logs for suspicious activity
• Regulatory Compliance: Understanding of relevant data protection regulations such as GDPR, HIPAA or PCI DSS, and experience ensuring compliance with regulatory requirements
• Penetration Testing: Experience in performing penetration tests to identify vulnerabilities in systems, applications and networks, and recommending remediation measures
• Security Awareness Training: Ability to develop and deliver security awareness training programs to educate employees about data security risks and best practices
• Risk Management: Proficiency in conducting risk assessments, quantifying risk exposure and developing risk mitigation strategies to prioritise security efforts
• Programming and Scripting: Basic proficiency in programming languages to automate security tasks, analyse data and develop custom security solutions

Personal Attributes

• Passionate about technology and learning
• Ability to balance demands and priorities and think clearly under pressure
• Attention to detail and a focus on quality
• Excellent conflict resolution, communication and collaboration skills
• Logical and analytical approach to solving problems

We are actively recruiting a diverse workforce that is reflective of the communities we serve. We recognise that differences in ability, skills and experience are a strength and encourage applications from people of all backgrounds.