IT Security Manager
You will manage the operational security of IT-provided services, delivering a robust assurance process across the business's outsourced IT estate. Positively challenge the effectiveness of IT Security operational processes across the IT supply chain, helping to ensure that the end-to-end IT environment operates within the Bank’s policies, standards and risk appetite.

The Role:
- Set the requirement for IT Security specifications for the business across the end-to-end IT supply chain
- Review and approve Change designs to ensure appropriate IT Security controls are built in
- Develop, maintain and execute an IT Security Testing and assurance plan which includes IT Security Controls, Vulnerability & Penetration testing, Service Continuity & Disaster Recovery
- Manage an IT Security actions and remediation register, ensuring visibility of activity and that all actions and remediation activities are driven to closure according to agreed timescales
- Manage and control User Access provisioning within the control framework
- Ensure delivery of appropriate MI/reporting and analysis for all aspects of IT Security
- Responsible for the preparation of regular and ad-hoc IT Security reports/packs for the IT Department, together with the preparation of IT Security certification and policy attestation packs
- Work collaboratively with the second/third lines of defence and Supplier Assurance team to ensure synergies in the IT Security control testing and supplier assurance approach
- Develop and maintain a strong level of capability in relation to the Bank’s Risk Management Toolset
- Provide IT Security Management technical support and assistance using own judgement in risk analysis and management, escalating more complex queries
- Assess and develop the IT department’s capabilities in IT Security to close skill gaps with an appropriate training and education plan
- Responsible for the continuous improvement of the IT Security Management methodology and approach
- Proactively identify and interpret changes in regulatory requirements, legislation and industry best practice that may affect the Bank and understand the impact these changes may have on the IT Security management regime
- Deliver analysis/reviews on individual assignments or well-defined tasks on larger projects

Skills & Experience:
- Educated to Degree level and/or extensive experience of working in an IT Security environment, preferably within the financial services industry
- Good operational understanding of the ITIL (IT Service Management) framework, COBIT and ISO 27001
- CISM or CISSP certification (desirable)
- Awareness of the benefits and constraints of operating in an outsourced IT supplier management framework and operating model
- Strong stakeholder management experience

If you are interested in this vacancy, please contact Kevin McLaren in our Edinburgh office. Please note you will receive an automated response advising you that we have received your CV.

Hudson is a leading provider of permanent recruitment, contract professionals and talent management solutions worldwide.