IT Security Manager

Recruiter
Iceberg Cyber Security
Location
London (Greater)
Salary
£50,000 - £59,999, £60,000 - £69,999
Posted
29 Nov 2017
Closes
10 Dec 2017
Contract Type
Permanent
Hours
Full Time

One of my clients who are a leading FTSE 250 are currently recruiting for a talented IT Security Manager who will play a pivotal role with global coverage where you will be responsible for managing and developing IT Security across the business. The IT Security Manager will take accountability for ensuring cyber security defence techniques are employed across all areas of the business, and that security best practice is adhered to in all areas of technology management.

Role:

  • Define and establish appropriate controls and processes in line with industry best practice so as to protect the confidentiality, integrity and availability of the business information assets and systems
  • Identification and mitigation of new information threats and vulnerabilities, escalating where necessary
  • Effectively managing the IT Security team working with technology key stakeholder across the business
  • Lead security incident response activities
  • Managing and implementing the annual IT Security program

Responsibilities:

  • Protect the businesses data assets using tools and best practice techniques
  • To detect the presence of suspicious and malicious activity on the network
  • React promptly and professionally to any incidents, providing triage, escalation and remediation as required
  • Supporting the execution of internal and external audits
  • Oversight for technical security controls including, but not limited to:
  • Penetration testing
  • Content control and malware protection
  • Network security including firewalls and IDS
  • Security event and log management
  • Security incident response
  • Vulnerability and patch management
  • Appropriate escalation of security vulnerabilities and trends identified from security incidents
  • Managing security exception processes, such as privileged access requests
  • Liaising with both the Business and Technology Services project teams regarding Security requirements for proposed, new, or developing services
  • Contributing to requirements and subsequent design, testing and implementation of security controls required to support defined security policies and procedures
  • Maintain an understanding of existing and emerging information security best practices
  • Establish and manage 3rd party supplier relationships where required
  • Remain commercially and results focused
  • Work with onshore and offshore development teams to increase the maturity of secure development practices and remediate web application vulnerabilities
  • Product owner for the Web Application Firewall, create rules to mitigate threats, analyse logs, troubleshoot issues
  • Prioritise issues and engage with Product teams to agree timelines and releases
  • Managing the IT Security budget

Skills Required:

  • Strong prior experience as an Information Security Officer or Senior Analyst in a global enterprise environment
  • Able to demonstrate a broad knowledge of IT Security and Service Continuity standards & practices
  • A good knowledge and understanding windows enterprise technologies in a networked, enterprise environment
  • Apply a risk proportionate approach to IT Security
  • Experience of configuring and supporting firewall and intrusion detection technologies
  • Management of Log Logic or similar SEM solutions
  • Working knowledge of McAfee, Symantec and Websense toolsets
  • Current knowledge of security industry threats and trends and vendor landscape
  • Preferably worked in a global organization with 24/7 business demands
  • ITIL v3 Foundation
  • Familiarity with ISO27001 and ISO27002 controls
  • Deep knowledge of SANS and OWASP security standards
  • Certified Information Systems Security Professional (advantageous)
  • Certified Ethical Hacker (advantageous)
  • ISO27001 Lead Implementer (advantageous)