Information Security Advisor

Trilateral Research is recruiting for an Information Security Advisor to join our Data Protection and Cybersecurity team. This position is open to candidates in the United Kingdom and the Republic of Ireland.

As an Information Security Advisor, you will support our clients in developing and ensuring robust information security policies, practices, and protections across their organisation. You will be responsible for analysing security measures, including network and application security measures, as well as organisational controls to improve the information security profile of client organisations, investigate incidents and identify and evaluate prevention and mitigation strategies.

Your expertise will be vital in improving information security practices in a range of diverse, high-profile organisations across Europe.

Our company and what we do

At Trilateral Research, we provide ethical AI solutions for tackling complex social issues, from human trafficking and child exploitation, citizen security in crisis to pollution and climate change. We transform research into innovation and sustainable impact​, focusing our efforts where we can enhance societal wellbeing.

We apply rigorous, cutting-edge research when developing and accessing new technologies to ensure they achieve sustainable innovation and measurable impact. Our teams include humanities specialists, social scientists, data scientists, ethical, legal, and human rights experts who work across the technology-social disciplinary divide.

Key responsibilities include but not limited to

Security Assessments:

• Conduct network security assessments, to include, reviewing active directory accounts, identifying exploitable vulnerabilities, reviewing, and verifying firewall settings and conducting port scans, etc.

• Assess web application security, including assessing code for vulnerabilities, assessing role/user permissions, verifying 2FA, etc.

• Conduct 3rd party information security assessments for onboarding applications.

• Conduct assessments against established frameworks, i.e., ISO 27001, NIST SP800-53, CE+, PCI DSS, NIST RMF.

• Identify and assess security risks and identify and evaluate relevant appropriate controls for mitigation/remediation.

Vulnerability Assessment & Management:

• Conduct regular and comprehensive vulnerability assessments using specialised tools and methodologies.

• Generate reports outlining the status of vulnerabilities, progress in remediation efforts, and recommendations for improvement to management and relevant stakeholders.

• Evaluate and adapt policies and procedures related to the deployment of security patches and updates across the organisation's systems and software.

• Collaborate with relevant teams to develop and implement remediation plans to address identified vulnerabilities.

• Provide guidance and recommendations for patching, configuration changes, or other corrective actions to mitigate vulnerabilities.

Security Incident Response:

• Conduct incident investigations to determine the root cause and scope of the incident.

• Perform forensic analysis by examining logs, conducting memory analysis, and preserving evidence.

• Identify vulnerabilities exploited and gather information for potential legal purposes.

• Identify areas for improvement and update incident response plans and procedures accordingly.