Since 1952, the University of Hertfordshire has been powering the progress of our students, the community and industry by filling the skills gap with the talented graduates that businesses need, right on time. We're 'minding the gap' right here in Hertfordshire!
Today, we welcome more than 30,000 students from over 140 countries to our seven Schools of Study, many with state-of-the-art facilities and academic staff sharing a wealth of lived experience. Our students are immersed in an environment enriched with world-class research, and a multitude of opportunities for unique engagement with business, industry and the public sector.
Our Digital, Data and Technology teams are responsible for all aspects of computing and IT infrastructure across the University including cyber security, data management, data centres, networks, systems operations, user support, software and applications, user experience, learning technologies, events support, AV and digital media and identity management.
MAIN PURPOSE OF THE CYBER SECURITY MANAGER
To be responsible for the development, delivery, and enforcement of comprehensive cyber security arrangements. To lead, manage and co-ordinate the activities of the Cyber Security team. The role will ensure the planning, implementation, management, compliance and support of core threat protection platforms, practices, and associated infrastructure to mitigate risks and protect the University systems and users against IT security vulnerabilities.
This position sits within the IT Operations section of IT Services but has a remit across the department as a whole. The post holder will liaise with technical specialists within the SBU and other departments to agree appropriate security measures to ensure the confidentiality, integrity and availability of university systems and data. The post holder will take the operational lead and provide a focal point for cyber security risk matters and must ensure that they keep up to date with developments in best practice, standards, and technologies within the sector and beyond.
A big part of this role will be to review and improve upon the current security estate, whilst ensuring more robust processes and procedures are put into place. This is an exciting time to get involved with the University, as there are continuous improvement plans and they have already heavily improved their cyber estate over the last 3 years.
RESPONSIBILITIES AND DUTIES
* Leadership and direct line management of the assigned teams.
* Conduct security control reviews across a full range of control types and techniques, for IT systems, both internally generated and in conjunction with external security specialists.
* Report on UH IT security posture, including OS patch management and vulnerability assessment scans, and recommend appropriate action to management to ensure any identified gaps are filled. Provide expert advice and guidance on the application and operation of all types of security controls, including legislative or regulatory requirements.
* Promote security awareness and contribute to the design and development of specialist policies.
* Provide IT security education and training to IT and system user management, staff, and students.
* Assist the Head of IT Operations and Head of IT Development with the planning and development of technical architectures, co-ordination of systems developments and provision and the identification of and adherence to agreed priorities.
* Daily management of the IT security systems and controls ensuring effective liaison with UH staff, external suppliers and partners and ensuring alignment with agreed technology and enterprise systems strategy, service requirements, security arrangements, and data exchange and inter-operability requirements.
* Lead installation, configuration and upgrades to server and database systems and applications software as required, including server virtualisation.
* Develop Cyber Security Incident Plan (CIRP) with forensic readiness.
* Development of IT Security principles and standards, including GDPR and CyberEssentials.
WHAT YOU NEED
* Experience with people management within an information security role.
* Strong stakeholder engagement.
* Excellent written and oral communication skills.
* Ability to manage multiple projects.
* Strong knowledge of information security policies and procedures.
* Experience in server systems administration and patch management.
* Experience with AD, ADFS, AzureAD, M365 security, SIEM, Email security, DLP, Vulnerability Assessment and management tools and NGAV.
* Knowledge/experience in Azure and AWS.
At Herts, we don't just provide opportunities for our students to flourish, we are also committed to creating a supportive and inclusive staff community that offers a wide range of flexible benefits with something to suit everyone:
* Competitive salary of £56,000 - £67,000 per annum, dependent on experience.
* 30 days annual leave, in addition to bank holidays, discretionary and closure days.
* Defined benefit pension scheme, with generous employer contributions of 17.8% of pay.
* Extensive training and development opportunities.
* Family friendly initiatives, including an on-site day nursery.
Location: Hatfield, Hertfordshire
Salary/Rate: £56,000 - £67,000 + Excellent Benefits
Job Reference: 051095
Closing Date: 24 Oct 2024
Contact: Daryl Angel
Phone: 0333 010 7583
Email: daryl.angel@hays.com
#LI-DNI
#4615646 - Daryl Angel #J-18808-Ljbffr