About ICE
ICE is a purpose-driven organisation, founded by rightsholders, for rightsholders.
We exist to support songwriters, enabling societies and publishers to accurately compensate them when their work is used internationally.
We operate at the exciting intersection of technology, music, and data.
Since our 2010 launch, we have paid billions to rightsholders through deep expertise in Copyright, Processing and Licensing.
Our collaboration with stakeholders across the industry delivers best practice, new processes & innovative solutions for better royalty flows.
Strategic investment in technology enables us to process trillions of streams, to deliver the maximum revenue for rightsholders.
ICE has grown to distribute more than €1bn in royalties per year, licensing music services such as Spotify, Apple, YouTube and TikTok.
About the Role:
As we build out the IT Security function we have determined the need for a specialist with a specific remit of securing the infrastructure and cloud environments used across both the production and corporate spaces.
This will encompass both the application hosting environment and the backend support services hosted within cloud environments as well as on premises hosted systems.
The role will involve designing and owning the Infrastructure and Cloud Security pillar, developing all the processes, technology, and metrics and output to make this a key function within the IT security division.
This role is open to candidates who are currently residing in the UK or Germany or those who have the legal right to work in either country.
Key Responsibilities:
- Engaging with key stakeholders to understand the current state of infrastructure and cloud security.
- Perform gap analysis and identify risks across all cloud environments, drive improvements and long term strategy.
- Design and build secure technology environments. Working alongside the engineering function this role will assist the team in building an environment that meets the needs to host the applications in a secure manner.
- Configuring the corporate functions and the security of AzureAD using policies and tools.
- Performing audit and benchmarking across the environments to ensure optimal level of security controls are implemented and to help drive future initiatives.
- Prepare and enforce standards and guidelines for infrastructure and cloud security.
- Drive particular focus on access controls across the environments and data within all environments.
- Monitor solutions for critical security events and build investigation and incident response plans.
- Document all risks identified and remediation steps required.
Requirements and Qualifications:
- Experience in design, documentation, and configuration of secure solutions for AWS and Azure cloud environments as well as virtual hosted environments.
- Knowledge of both cloud native tools such as Cognito, SecurityHub, Insepctor and IAM along with bringing in third party tools.
- Experience in designing configuring security tools and technology such as WAF’s, firewalls, IDS both in a hosted, third party managed, and cloud environment.
- Experience in securing container environments/workloads.
- Experience of building/configuring a SIEM platform as well as corresponding processes.
- Working knowledge of security standards and frameworks including NIST, CIS, and ISO.
- Perform risk analysis and document all risks and mitigating controls within environments.
- Understanding of threat models and their application to aid in securing environments.
- Role model, promotion of a culture of good conduct and contribution to maintaining such a culture.
- Proactivity, transparency and clear accountability for the determination and management of security and risks.
- Fast learner and critical thinker with excellent skills in problem solving and presentation.
- Exceptional communication skills, both written and oral.
What we offer:
- Competitive local benefits based on your location
- We promote flexible working regarding time and/or place
- Both mental and physical health initiatives
- Corporate pension scheme
- Comprehensive training and development opportunities
- Industry insider events, team socials and company events
- Enhanced holiday allowance
We welcome candidates from all backgrounds, regardless of age, disability, gender, gender identity, gender expression, race, religion or belief, sexual orientation, socioeconomic background, and any other protected characteristic.
We are committed to making all stages of our recruitment process accessible to candidates with disabilities. Please speak to our recruitment team and we will work with you to make reasonable adjustments to ensure you can perform at your best throughout your application.