Working For DDC

Positions vacant at DDC will be listed below. If there is no information, then we are currently fully staffed.

The Company

Due Diligence Checking Ltd operate as a market leader in the processing of online criminal record checks and pre-employment screening, completing over 150,000 checks each year. This accounts for approximately 2.25% of the current market. Many of the existing clients have a regulatory requirement for criminal record checks, to ensure safeguarding needs are met within their industry. Recent developments have allowed the company to build in this market, and offer additional checks and full pre-employment checking services. These services can be offered to any organisation recruiting people in the UK. This is a growing market with the introduction of mandatory ‘Right to Work’ checks for all UK employers.

Roles Currently Available (1):

IT Infrastructure and Information Security Manager

Salary range £28,000  – £34,000 DOE

Bonus scheme in place for defined deliverables (projects are reviewed and agreed on an annual basis). 

28 days holiday with increases for years of service

Lively office environment and regular office socials. 

To apply for this role please email jobs@ddc.uk.net with a covering letter and your CV. Early application is advised. 

Covid considerations – The role is office based and the initial part of the on-boarding will be in the office, to meet the team and become familiar with the technical set-up. After this period and depending on Government guidance this role will move to ‘working from home’ arrangements, until such time as offices are open to non-essential team members. 

About the role: We are looking for a new member of the team to take the lead on two key aspects of the business. This is based around information security to ensure the web development team have security in mind with all developments (there’s no coding required), and to the physical security of the internal infrastructure. The right applicant will have the necessary skills to to manage our current third-party support providers, liaise with internal stakeholders to drive improvements within the business. 

Information Security Manager

  • Managing the Information Security throughout the company to ensure it is core to all company operations.
  • ISO27001 Information Security Management Standard lead as part of an ISO Compliance Team (external training to be provided, and established systems in place).
  • Liaising with / procuring third party support contracts to meet the requirements of the company e.g. penetration testing
  • Working closely with senior staff to plan, design, and build projects
  • Personal development and updated industry expertise to ensure new requirements and technologies are employed through the organisation
  • Training of front-line staff on data protection principles as supported by compliance team
  • An ability to respond to technical quires relating to Information Security, for example external tender questions
  • Working towards Data Protection Officer status for the company, as supported by a Compliance Team.

IT Infrastructure Manager

  • Production server and database maintenance as supported by third party data centre (DevOps role requirements)
  • Systems and applications maintenance – updating systems and tools
  • Internal infrastructure management to include
    • Workstations (Windows 10, with a few minor legacy Windows 7 awaiting upgrade)
    • Email server (Microsoft Exchange)
    • Network server (Microsoft Small Business Server)
    • Back-up systems
    • Disaster Recovery and Business continuity systems
    • Internet phone systems (VOIP)
    • CCTV systems
  • Managing third party support contracts for day-to-day tasks required (e.g. workstation updates) and on-going upgrades/installs etc

Core technical competences

  • Good task and time management ability
  • Interest in current and future information security and database management developments
  • An excellent understanding of information security practices and current legislation (e.g. GDPR). External training to be provided.
  • Experience with ISO27001 standard and requirements
  • Lead auditor for internal processes and systems (external auditing training can be provided)
  • Linux / Windows server administration skills
  • Some knowledge of operating virtual systems/machines/containers
  • Cloud services provisioning / server provisioning
  • Console + shell scripting skills
  • Good knowledge of business processes and domain

Core tasks and responsibilities:

  • Working with the full range of technologies deployed on the server, including web-servers, databases and client side systems, with a focus on information security
  • Managing workload with in-house task management systems (Jira)
  • Communicating progress with in-house task management and communication systems
  • Reporting on projects to senior managers, and cooperating with project management practices and tools
  • Assisting with the design and prototyping of new systems, from technical and user perspectives
  • Cooperating with security practices and maintaining vigilance for potential security issues
  • Cooperating with relevant legislation and guidelines, including DBS Code of Practice, ISO Standards, Code of Connection agreements and ICO Guidelines
  • Working with other members of staff in the review and approval of developments, with the aim of producing quality services and helping other members of staff to improve their information security skills and practices
  • Maintaining, updating and patching servers (Debian/Redhat-based systems)
  • Working alongside the developers and external contractors to handle server maintenance tasks

Mindset

  • A thirst for tech infrastructure knowledge
  • Open to considering new ideas
  • Continuous improvement
  • Striving for automations
  • Focused on professional development

Beneficial skills

  • Docker/Kubernetes setup/provisioning
  • Virtual systems experience (hypervisors, Xen, VMware etc)
  • AWS-specific experience (Route53, EC2, VPC, RDS, IAM management)
  • Network management/configuration
  • Firewall management
  • Being fully up-to-date with security vulnerabilities / attack vectors
  • Understanding of the dev-test/QA-production release lifecycle
  • System orchestration tools knowledge (e.g. Ansible, Chef, Puppet, Terraform)

Perks

  • Monthly IT Team team meetings held externally
  • Budget for external training courses
  • Good coffee making facilities, including fresh ground coffee
  • Free Parking 
  • Pension provision
  • A business that champions a positive working environment
  • Weekly fruit basket to encourage healthier options