16th Aug 2024
The IT Security Manager is a hands-on management position requiring excellent knowledge of the technologies in use by the IT Security team, in order to coach, mentor and train other team members as well as to define process, policy and working practices. The role ensures that Company agreed standards, both locally and globally, are implemented and compliant with legislative and industry standards. It ensures that all infosec incidents are managed and recorded in line with company agreed standards, both locally and globally, to ensure compliance with legislation. It also ensures that the Information Security team completes any training that they have been given, by offering guidance and mentoring. The IT Security Manager is a member of the IT Management team.
Key Responsibilities
1. Manage all aspects of the day to day operations of the IT Security team.
2. Ensure deadlines are managed and met for all IT Security projects
3. Responsible for providing IT Security input into IT strategy and subsequent projects to implement strategy.
4. Responsible for IT security strategy
5. Responsible for IT security incident response, investigation, reporting and forensics.
6. Assess system security and recommend improvements
7. Ensure data is handled, transferred or processed according to legal and company guidelines
8. Control costs and budgets regarding IT security
9. Work with IT Management Team to manage contracts with vendors and software licenses
10. Develop IT security policies and practices with the Group Head of Business Systems
11. Ensure training and personal development plans of IT Security team are created and followed
12. Evaluate team performance against targets and KPIs and report monthly to Group Head of Business Systems
13. Manage team resourcing and development to ensure sufficient capacity to support business needs
14. Collaborate with colleagues and the wider security community to keep up to date with relevant practices and policies
15. Understand, implement and monitor security systems (vulnerability scanning, boundary protection, intrusion detection, antivirus, logfile analysis etc.).
16. Investigate and document security breaches, other cyber security incidents and assess the damage they cause.
17. Regular reporting against risks identified by infosec tools and mitigation actions/projects.
18. Fix detected vulnerabilities to maintain a high-security standard.
19. Stay up-to-date on information technology trends and security standards.
20. Research security enhancements and make recommendations to management
21. Perform penetration testing with 3rd parties or internally.
22. Help colleagues and the wider business understand information security management.
23. Supporting the business in the delivery and release of secure applications
24. Participate in IT Security audits both representing NMG as the audited party and performing IT Security Audits of other business units and 3rd parties.
Candidate Criteria
Essential
25. Extensive experience working within IT Security, particularly within a globally distributed IT environment
26. Experience with system installation, configuration and analysis
27. Thorough knowledge of networks and cloud computing
28. Knowledge of data protection operations and legislation (e.g. GDPR)
29. Outstanding communication skills
30. Be able to identify gaps in the team's knowledge and implement plans to close them.
31. Knowledge of project management methodologies and frameworks.
32. Excellent team leadership skills
33. Excellent people management skills
34. Excellent communication and interpersonal skills
35. Problem solving
36. Experience coaching and mentoring an IT Security team.
37. Must be comfortable multitasking, with the ability to work on and prioritise several tasks at once
38. Experience with ISO 27001.
39. Audit experience.