Security Controller - Public Sector
Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.
Reporting to the Senior Director, Head of Commercial Legal for EMEA, we are hiring a Security Controller with 12+ years’ experience, based in our London office and with part-time distributed working to manage security operations. This role will support our growing Public Sector business in the U.K. and the EMEA region, partnering within a strong support system of our Legal and cross functional teams, including Information Security, Human Resources, Sales and Facilities. The ideal candidate is a self-sufficient and resourceful leader who will assume responsibility for securing the business by implementing Elastic’s and its Public Sector Customers’ security requirements relating to employees, contractors, infrastructure, information and assets. This position is for an individual that must have the ability to liaise with key stakeholders on sensitive matters within a fast-paced technology company covering SaaS, Licensing and Managed Packages. WHAT YOU WILL BE DOING- Implementing Elastic’s security requirements relating to Elastic Sites, employees, contractors, infrastructure, information and assets as they relate to Elastic’s Public Sector Customers.
- Providing day-to-day operational support, guidance and advice to Elastic personnel with regards to all aspects of Security (including Site Security and Site Audits), as required, ensuring Elastic’s Security Policy is adhered to and/or risk managed appropriately.
- Interpreting and implementing contractual and legislative requirements (including Security Aspects Letters) ensuring they are adhered to as required while monitoring and reporting compliance.
- Collaborating with key stakeholders to ensure that the Elastic’s networks remain physically secure and compliant with UK legislative policies and relevant ISO accreditation by formulating and implementing Elastic physical security instructions, Risk Management and Accreditation Document Sets (RMADS) and Security Operating Procedures (SyOPs).
- Ensuring operational protection of UK Government classified assets in accordance with Facility Security Clearance (FSC) (formally “List X”) security controls and providing management requirements input of AACS, IDS, and CCTV across the Elastic Sites
- Liaising with Public Sector Customers in the UK and EMEA, including Departmental Security Offices and/or Security Officials of Public Sector CustomersWorking with key stakeholders, conducting Site specific and corporate Security Awareness training.
- Maintaining a UK master vetting register and acting as the UK Clearance Contact, coordinating with key stakeholders, ensuring appropriate arrangements for personnel security clearance of employees involved and overseas visitors to the UK where appropriate.
- Responding to, and investigating Security Incidents in a timely manner in accordance with Elastic Incident Response Plans, while simultaneously dealing with appropriateUK Government Agencies and Law Enforcement Agencies (as appropriate).
- Eligible to receive UK National Security Vetting to the required level.
- Knowledge and experience of UK Government Security requirements such as
- Government Functional Standard GovS 007: Security
- MOD Joint Service Publication 440
- Information Assurance Standards
- Cabinet Office Security Policy Framework.
- Experience undertaking Risk Assessments and implementing Security Policies.
- Design and requirement identification of Integrated Security Management Systems.
- Ability to work with the highest level of discretion and integrity as the role involves working with a considerable volume of sensitive and personal information
- Sound written and verbal communication skills, with experience of delivering briefs and presentations to employees and clients.
- Membership of accredited UK professional security body with demonstrated CPD requirements i.e. RSES, Security Institute, CSyP
- Previous experience working within a Facility Security Clearance (FSC) or Government Protective physical security role.
- Knowledge of approved security products and build standards
- Working knowledge of ISO 27001
- Experience of security asset management and quality assurance.
Additional Information - We Take Care of Our People
As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.
We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.
- Competitive pay based on the work you do here and not your previous salary
- Health coverage for you and your family in many locations
- Ability to craft your calendar with flexible locations and schedules for many roles
- Generous number of vacation days each year
- Double your charitable giving - We match up to $1500 (or local currency equivalent)
- Up to 40 hours each year to use toward volunteer projects you love
- Embracing parenthood with minimum of 16 weeks of parental leave
Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.
We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.
Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)
Please see here for our Privacy Statement.