IT Security Manager

Bridge Recruitment UK Ltd
£60000 - £80000/annum
13 Jul 2017
12 Aug 2017
Contract Type
Full Time
IT Security Manager
GBP60,000 - GBP80,000

We are working with a client in the Financial Services sector recruiting a hands-on IT Security Managerr. In this role, the IT Security Manager is to support the Head of IT to develop and facilitate the effective use of the companys IT services to ensure business needs are optimised.

Proactively works to improve and develop the IT systems and service delivery through management of the team, the sourcing of cost-effective solutions as well as identifying, resolving and future mitigation of any related issues.

Key work outputs and accountabilities:

· As a senior member of the IT department leadership team you will provide pro-active contributions to the setting of IT strategy, and integrating IT security into the smooth running of the department.
· Leading the whole organisation in the awareness, implementation and observation of IT security
· Defining, documenting, maintaining and embedding IT security policies with input from the CIO and CCO.
· Defining technical IT security standards, procedures and guidelines supporting the companys IT security and data policies
· Planning and Implementation of any strategic change initiatives required for the company to physically meet these policies and working with other IT teams to ensure that IT security standards, policies and procedures are implemented and well maintained. In particular
o Complete the transition of user access management to the (SOG) help desk and Technical service group
o When required help these two groups meet service levels for user access management
o With the IT infrastructure department define a new network group structure for our Active Directory re-implementation
o With the IT infrastructure department review our use of network drives across the company
o Complete the Re-implementation of the User Profiles and implement a periodic review in line audit recommendations
· Where it is agreed that IT security risks cannot be mitigated economically or effectively ensuring that these exceptions are processed through the companys risk register with periodic reviews of the items outstanding on the risk register.
· Performing Security Risk Assessments before major technical infrastructure changes occur - including new technology or a major upgrade for existing technology components and periodic assessment of current technology platforms;
· Defining, Collecting, analysing and commenting on information security metrics and incidents and policy violations
· Providing Security consulting to IT projects and, as required, across the Company;
· Liaising, as necessary, with related internal functions such as Risk Management, Compliance, Facilities Management, and Internal audit, as well as external functions when appropriate;
· Managing external vendors in assisting in the provision of effective IT security for Firewall administration, Proxy servers, DNS administration and penetration tests.
· Organising security awareness campaigns for staff to enhance the security culture and develop a general understanding of their responsibilities
· Researching into latest IT security best practice and commercial offerings which could improve the companys IT security

Required qualifications and experience:

· Experience of working within Information Security with information security experience of identifying risks and proposing workable solutions. This includes reviews of current systems as well as implementation projects and evidence of ability to contribute at a strategic level
· Solid understanding of IT infrastructure and solutions in a banking environment
· Strong stakeholder skills, with the ability to communicate technically with IT technicians and security experts, but also being able to effectively translate issues and risks into clear and understandable business language
· Proven knowledge and experience of contingency planning and business recovery
· Advanced management skills including communicating, leading and organising an effective team as well as excellent influencing and negotiating skills
· Extensive experience of drafting and implementation of policy and processes in relation to IT security
· A relevant Security qualification such as CISSP is essential, while CISM is desirable. It would also be advantageous to be a member of a security association such as ISSA, ISACA, ISC2, IISP, etc