- Information Technology
- Malmesbury - United Kingdom
Our Cyber Security team
It’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We take a pragmatic approach, transforming cyber security in order to enhance our business resilience, enable our colleagues to move fast, delight our customers, and better manage potential cyber disruption. Investing in new cyber security capabilities across technology, process, and people, we build on and leverage our strong cyber security ecosystems to tackle future threats.
Our IT Security Risk & Compliance, Enterprise Security and Cyber Defence functions are the beating heart of Dyson’s Cyber Fusion Centre capabilities. Together, they enable the successful delivery of exciting new projects, help existing toolsets remain effective, enable and encourage compliance, balance red & blue team capabilities, and make sure that cyber security incidents are managed in a timely and efficient way.
About the roleThe major focus of this role is to lead and manage our global Enterprise Security Architecture and Engineering function (e.g. Enterprise IT & Business Application Security), and ensuring fit-for-purpose enterprise security target architecture and solutions are well-designed and implemented, and ensuring highly available & scalable security operations services are consistently running across Dyson global network.
Your enterprise security services will be world class and will protect our most important assets – our customers and our intellectual property - whilst ensuring that our network, infrastructure systems, applications, information are securely monitored and protected. Your aim will be frictionless security, enabling the business to achieve their output and uptime goals through cyber resilience services and a strong cyber security culture, whilst delighting the people who use our products.
Alongside the above, you'll also be responsible for the following:
- Providing technical and people leadership and being responsible for the development, implementation, communication, maintenance and governance of the cyber security strategy, technical architecture and roadmaps for Enterprise Security services.
- Working as part of the Cyber Security leadership team, you will become the trusted adviser of Cyber Security expertise in your areas, pro-actively providing security leadership and guidance to business divisions, IT leadership teams, project teams and 3rd party partners.
- Developing, embedding and managing a world-class Enterprise Security Architecture, Engineering function (covering Enterprise IT solutions, Business Applications and Manufacturing Security), ensuring our Enterprise IT, Dyson business units, and our people operate within a well-defined and understood cyber security risk appetite, including regular monitoring, reporting and escalation of security events and potential risks.
- Responsible and accountable for enterprise security architecture, infrastructure hardening, security best practice and security consulting on cyber security elements of business and IT-led initiatives. The role requires both team management and hands on technical security expertise, and an ability to think strategically to help define our cyber security programme.
- Responsible and accountable for enterprise security engineering and operations to industrialize world-class cyber security solutions, and ensure security operations are supported by well-defined SLAs and relevant service management metrics for performance tracking.
- Manage Enterprise Security Architecture & Engineering BAU and Project Budgets, work across cyber security functions to prepare business cases for new initiatives, and periodically review financial forecast /actual expenses.
- Manage vendor & supplier commercial relationship, continuously explore and implement cost effective measures to optimize security investment (technology & support model).
- Influencing a broad range of senior stakeholders in various teams across the business, including IT architects, developers and engineers, programme managers, and business data owners. Therefore, you will need to build rapport quickly and project confidence in your actions and recommendations. Throughout your tasks you will ensure your recommended solutions are cost effective, observe industry good practice, exhibit appropriate security governance, and that the technologies you choose are adequately implemented and secured to support the needs of the business.
- Cultivate core relationships between internal stakeholders, external partners, and other 3rd party entities or regulatory bodies in support of Dyson’s Enterprise IT, application and manufacturing security aims.
- Work alongside our Global Director Enterprise Security to contribute effectively to our Cyber Security Governance Framework.
About youWe seek applications from individuals with an exceptional track-record of building and running global Enterprise Security Architecture & Engineering function, encompassing a range of responsibilities including setup best in class enterprise security capabilities to support effective operation of cyber security consultancy services and solutions across Dyson.
Alongside this, you'll bring the following:
- A highly self-motivated individual with positive mindset & can-do attitude, and a strong believer of “Security as an enabler” to support business growth.
- Expert knowledge and hand-on implementation experience specific to Network & Infrastructure Security, Application Security, Cloud & Mobility Security (IaaS, PaaS, SaaS, CDN), Data/Database Security, etc.
- Expert knowledge of security tools, techniques and best practice within enterprise environments.
- Expert knowledge of DevOps practices and embedding security in the software development life-cycle.
- Expert knowledge of current industry security threats, challenges and mitigation techniques.
- Strong understanding of IT Security Controls (FW/IPS/IDS/DDOS, NGAV/EDR/MDR, Identity Access Management, Zero Trust Access, SIEM & SAOR, etc.).
- Practical knowledge of industry standard frameworks (ISO 2700x, NIST, ITIL, etc.), best practices (CIS, SANs, OWASP, CSA) and regulations (PCI DSS, GDPR, China CSL etc).
- Demonstrable experience of implementing Enterprise Security Architecture and Engineering services in large organization.
- Demonstrable experience of supporting project teams with high and low-level security consultancy, design and delivery, with a wide-ranging understanding of security considerations across key technologies across market-leading solutions in Network, OS, SaaS applications, public cloud, etc.
- Demonstrable experience of developing strong partnerships across senior management teams within complex businesses, you'll possess the strength of character and conviction to make tough decisions when required.
- Strong knowledge for managing various type of security partners and vendors, including service management and financial cost management.
- Ability to evaluate & articulate risks, develop consensus, raise awareness and provide thoughtfully considered security solutions to various key business stakeholders.
- Ability to translate and distil complex technical information across all levels of the organization as required for the audience.
- Ability to effectively develops and manages all defined communication channels and relationship management with diverse stakeholder groups.
- Ability to lead and manage a specialist based, high performing and multicultural teams in different locations.
- Must be highly reliable, trustworthy, commitment & outcome oriented.
Our culture is unique. It's not easy or comfortable. It's certainly not for everyone, but if you thrive on challenge and are excited by change – it could be for you.
- 27 days holiday plus eight statutory bank holidays
- Pension scheme
- Performance related bonus
- Life assurance
- Sport centre
- Free on-site parking
- Subsidised café and restaurants
- Discounts on Dyson machines
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.