IT & Cyber Security Manager 14085
Working with skilled teams across the business, focusing on initiatives and opportunities, using cloud & on prem technologies and modern security practices.
As the Security Manager, you will liaise with security incident response experts, keep up to date with industry changes, and work directly with the infrastructure and development teams to ensure that their systems are appropriately secure, compliant, and resilient across over 20 UK Locations. You will also work to continuously educate people across the business in security matters and threats.
Key responsibilities & accountabilities:
* Accountability for creating and maintaining standards and their implementation
* Work with stakeholders and staff to nurture a culture where security is always in mind and seen as a critical part of everyone's responsibility
* Creation of training materials and assisting with the continual upskilling of the whole company in relation to security matters relevant to their roles
* Provide day to day advice in security matters across the business
* Carry out business impact analysis activities relating to new changes and capabilities
* Working with SOC to ensure that their incident detection models and alert response processes are kept appropriate and up to date
* Coordinating with MSP's for the scoping and execution of vulnerability scanning and penetration testing
Skills & Ability:
* Exposure to environments where infrastructure management is heavily automated (Infrastructure as Code)
* Experience working with suppliers (licensing etc.) to negotiate and manage the services they provide
* Could have Construction industry experience
* Preferably educated to degree standard or with other relevant certifications (e.g. CISSP, CISA, CISM).
Knowledge & Experience
* Experience defining and implementing IT security policies within a UK wide services organisation and with a demonstrable understanding of associated risk management
* Knowledge of security in a cloud hosted environment, especially using cloud native technologies in Azure
* Azure, Active Directory, Intune, Endpoint, Mvision, Group Policy, Sophos Knowledge
* Ability to Define NW Security policy and Protocols, SIP/VOIP/4G/5G
* Knowledge of secure development practices and relevant tooling
* Experience training others in security matters at all levels
* Great communication skills and the ability to influence others
* Experience running security testing processes such as tabletop exercises, phishing campaigns etc.
Cynomi, Sophos, FortiGate, MVision, Active Directory, Endpoint, Intune, WMWare, Hyper-V, SIP/VOIP, ISO/IEC 27001, On Prem and Cloud (Azure), Sharepoint, PowerBI, HP Switching, Zyxwl/Draytech Routing, VLans, IPSEC, VPN