- Information Technology
- Singapore - Technology Centre
At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers.
Dyson IT are mid-transformation. Our aim, to create robust IT architecture, to manage data effectively and efficiently and continue to grow our world-class team. A team who is strategic, enabling business acceleration, growth and success.
Our Digital Workplace Services team
The Digital Workplace Services Team in which this role is aligned exist to:
Deliver world class Service Desk, End User Computing, Collaboration, Legal, Payroll, Dyson Institute and HR IT Services to Dyson’s global employees (circa 15,500 users)
Ensure ITIL aligned governance and standards are followed
Drive continual improvement into the Digital Workplace services space in line with Dyson’s growth
Deliver a roadmap for all Digital Work place services to drive transformation required to support Dyson’s blueprint
Establish and maintain strong relationships with the business, ensuring regular communication of service requirements, service improvements, risks, service changes, service outages and service issues.
About the role
Reporting to the Digital Workplace Services Security Architect in the UK, you will primarily be focused on providing Oversight, Assurance, Challenge, Advice and Guidance relating to Information and/or Security and/or Cybersecurity Policy, Standards, Controls and Risk.
Support the Digital Workplace Services (DWS) Information Security & Cyber Risk Management Team in the execution of their duties and appropriately represent them within and the Dyson global business in providing effective guidance, challenge, assurance, and oversight
Report and deliver Information Security & Cyber risk assurance/review activity consulting with management to formulate and agree effective solutions to any identified shortfalls
Provide input to the continuous development and improvement of the risk review methodology and approach
Produce quality management information and reporting.
Provide risk-based, accurate, practical and sound guidance, opinion and support to operational and strategic change initiatives, BAU activity, projects and breach and incident remediation plans
Effectively analyse breaches, incidents, internal and external audit, compliance monitoring and other review findings to determine Information Security and Cyber risk implications, consideration of regulatory notification to the FCA, ICO or other relevant regulators. Report notifiable events to the relevant Approved Person and liaise with the Phoenix OSP in relation to remediation, root cause and prevention activities as appropriate
Identify and analyse relevant regulatory changes and themes which impact the DWS and/or Dyson globally. Ensure details of changes/themes are communicated appropriately and oversee the timely implementation of all necessary actions
Review relevant customer processes and systems where there are changes and provide guidance, recommendations, and challenge to DWS business owners on areas for development/improvement
Challenging the DWS business to ensure that the established information security control framework is (and remains) aligned to Dyson's policies and industry best practice, using the ISO / IEC 27000 series standards (or equivalents) as a benchmark.
Challenging all DWS strategic business partners (e.g., business third party delivery teams) to ensure that they are working within the bounds of DWS and Dyson's policies and any global legislative compliance e.g., GDPR, PCI, Cyber Security standards, etc.
Challenging the business to ensure that the Information Security Control Framework meets the requirements of current and emerging legislation and regulation, including the guidelines and expectations of our regulators.
Continuously developing existing expert technical knowledge and applying this in conjunction with significant business awareness in order to give accurate and timely advice when these are constantly evolving.
Conduct Line 2 Information Security and Cyber Risk oversight and assurance activities which adds value to the business, ensuring delivery via a multi-site team in a consistent manner to a high level of quality.
As a member of the Information Security & Cyber Risk team in DWS, working proactively across the various teams (e.g., Technical Architects, Service Delivery, etc.) in the DWS function to ensure that we deliver fully against the Dyson Group Risk Framework.
Maintain knowledge of technology, systems, processes, data, and interfaces deployed across Dyson's Global IT business
Deputise for the DWS Security Architect as required.
What We’re Looking For
Relevant Information Security and Cyber technical experience, including knowledge and awareness of regulatory environment and relevant legislation, product administration processes and outsourced service arrangements.
Proven knowledge and experience of IT Security tools, capabilities, and controls.
Knowledge of Security Testing tools and techniques e.g., Penetration Testing, Infrastructure Scanning, Static Code Review, Web App Scanning tools, etc.
Proven knowledge and experience in Industry Standards and best practice including the ISO/IEC 27000 series, NIST Cybersecurity Framework etc.
IT Security and Risk experience in one or more of the following areas:
“First Line” role - either as IT Security or Risk technician or Manager
“2nd Line” role - providing IT Security Management or IT Security or Risk support, or review and challenge to an IT functional area
“3rd Line” role – IT Security or IT auditing of an IT functional area
Advanced communication (verbal and written) and customer service skills.
Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and director level management
Strong research skills
A natural problem solver
A ‘Can do’ and engaging professional attitude with a strong desire to learn
Comfortable working outside of core working hours when necessary to complete the task in hand and support project go lives and hyper care timeline
One or more Information/Cyber Security Certification/Qualification - Examples:
ISC2 Certified Information Systems Security Professional (CISSP)
ISACA Certified Information Security Manager (CISM)
ISC2 Certified Cloud Security Professional (CCSP)
One or more Risk Management Certification/Qualification - Examples:
ISACA Certified in Risk and Information Systems Control (CRISC)
Institute of Risk Management qualification
Certified ISO-27001 Lead Auditor
Certified Information Systems Auditor (CISA). Examples:
ISACA - Certified Information Systems Auditor (CISA)
Undergraduate Degree or equivalent
Checking And Reporting
Courageous Decision Making
Impact & Influence
Understand of Self and Others
Dyson monitors the market to ensure competitive salaries and pension contributions. Beyond that, you’ll also enjoy a profit-related bonus, generous leave and life insurance. But financial benefits are only the start of a Dyson career. Rapid professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, flexible working hours, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to creativity, innovation and ambition.
At Dyson, it's about more than our machines. We recognise that our success comes from our inventive people. We believe in including everybody and supporting you on your journey with us
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.