IT Security Manager
I have a fantastic opportunity for an IT Security Manager to join an Edinburgh based Financial Services Organisation. The successful candidate will manage the operational security of IT provided services , positively challenge the effectiveness of IT Security operational processes, helping to ensure that the end-to-end IT environment operates within the organisations policies, standards and risk appetite. Key responsibilities include: *Set the requirement for IT Security specifications across the end-to-end IT supply chain *Review and approve Change designs to ensure appropriate IT Security controls are built in *Develop, maintain and execute an IT Security Testing and assurance plan which evidences effectiveness of controls for the end-to-end IT Supply chain *Manage the development and maintenance of an effective Role Based Access Control (RBAC) Framework for the Bank *Ensure delivery of appropriate MI/reporting and analysis for all aspects of IT Security *Work collaboratively with the second/third lines of defence and Supplier Assurance team to ensure synergies in the IT Security control testing and supplier assurance approach *Develop and maintain a strong level of capability in relation to the Bank's Risk Management Toolset *Provide IT Security Management technical support and assistance using own judgement in risk analysis and management, escalating more complex queries *Assess and develop the IT department's capabilities in IT Security to close skill gaps with an appropriate training and education plan *Responsible for the continuous improvement of the IT Security Management methodology and approach You must be able to demonstrate the following skills and experience: *Educated to Degree level and or extensive experience of working in an IT Security environment, preferably within the financial services industry. *Awareness of the benefits and constraints of operating in an outsourced IT supplier management framework and operating model. *Strong written and verbal communication skills and the ability to communicate and challenge at all levels. *Proven analytical skills, judgement and reasoning ability. *Excellent knowledge of the relevant procedures, projects and services in own area of responsibility, including interpretation and application of best practices, and able to recognise a range of options and justifiably propose a recommended course of action. *Strong relationship management skills. *Good operational understanding of the ITIL (IT Service Management) framework, COBIT and ISO 27001. *CISM or CISSP certification beneficial If you would like to find out more about this opportunity then please apply with your most recent CV for consideration.