Vertical Aerospace is building technology to revolutionise how people fly. Our mission is to make air travel personal, on-demand and carbon-free.
We're building a team where individuals are expected to deliver performance, ideas and concepts which make a difference. We will expect you to think creatively and push the boundaries of what is considered normal. Great delivery in the world of cloud technology and SaaS systems is about the elegance and efficiency of doing more with less, so if you’re a creative thinker, who wants the freedom to explore and develop your ideas, then this is the role for you.
We're looking for an outstanding Head of Application and IT security who combines superb technical knowledge and experience with a demonstrated ability to get the right things done quickly and effectively. This role is to develop the security function at VA. This includes understanding the general IT and application security requirements to design and build our new aircraft. The role is full-time and will require the successful candidate to be a self-starter and motivated to do something special and exciting.
the successful candidate must:
- Understand how to set up and managing the IT security for a company which is cloud-native. This would include setting up and monitoring a SEIM, password management, O365 monitoring and Azure security management, ensuring that any SaaS providers have robust security management and procedures in place.
- Demonstrable knowledge and experience in application security. An ability to work successfully with engineers to understand the s/w we are building and translate that into security must-should-could requirements and priorities and then helping to build and deliver this.
Your duties will be wide ranging and varied and will include:
- Develop and oversee the implementation of an organisation wide security program to reduce risks of security breaches and enhance overall security posture of the organisation
- Establish and lead security experts who would perform risk assessments and implement counter-measures
- Create and implement a strategy for the selection and deployment of information security technolo-gies
- Design and maintain Information Security policies & standards which align with the goals and objec-tives of the organisation
- Support compliance with all information security aspects of applicable regulatory standards including Aerospace s/w
- Developing and implementing a strategy to deal with security incidents by leveraging best practices from the fields of Incident Management, Security Incident Management, Business continuity man-agement and Crisis management
- Provide information security risk assessment and suggest appropriate countermeasures to ensure that the organisation remains secure
- Tracking latest cyber security innovations and keeping abreast of latest cyber security technologies and evolving threats
- Conduct continuous assessments of current information security practices and systems and identify ar-eas for improvement
- Champion and educate the organisation about the latest security strategies and technologies
- Identify and promote patterns for deployment that simplify and accelerate the security best practices for cloud
- Identify opportunities to leapfrog traditional information security challenges through automation and orchestration
Basic Qualifications / Experience
- Batchelors or Masters Degree in IT and a specialisation in Information Security
- Appreciation of the ED201 specification for aerospace s/w and the ability to take s/w through this accreditation
- Strong fundamental knowledge of IT and Application security
- Detailed knowledge of current and developing cloud-based IT infrastructure and management
- Detailed understanding and experience of working with engineers who are building business-critical software
- Good time and meeting management skills
- Experience in working with people and bringing them on side
- Ability to roll sleeves up and “getting stuck in”
- Good communication skills and a proactive approach to problem solving
- Experience in communicating with management, as well as technical and business teams in the area of Information Security
There will be some requirement to travel to London and Oxford