Information Security Manager
SAFe - ISO 27001 - CISSP
Are you an experienced Information Security Manager with a strong passion for defining and implementing security frameworks, policies and procedures? Do you know how to work and lead others in a scalable and fast-paced DevSecOps environment? Do you welcome accountability and end-to-end responsibility for developing and implementing security solutions?
We are looking for an Information Security Manager to take responsibility for drafting and implementing security policies and procedures across the IT ecosystem, reporting to C-Level and working with both internal and external development teams to ensure a platform which is secure, functional and scalable. The role will involve:
- Creation and implementation of the cyber security policies and frameworks.
- Conducting continuous assessments to identify areas for improvement to minimise the risk of cyber-attacks.
- Ensuring regulatory compliance and governance is met.
- Design and implementation of simulated security breaches and recovery scenarios.
- Manage security audits, penetration tests and risk assessments.
- Managing IT security budget.
- Design, planning and implementation of an overarching security programme and controls to include:
  - Identifying and classifying vulnerabilities and risks across IT estate, and finding the best way to secure applications and infrastructure.
  - A monitoring regime for attacks and intrusions and reporting their impact.
  - Definition of identity and access management policies and procedures, including controls and monitoring of abuse of permissions by authorised system users.
  - Embedding security during the design and development stages of our wealth platform for both internal and external teams.
  - A third-party IDS and SOC.
  - Data loss prevention controls including data encryption regime.
  - An information asset repository.
  - An ongoing cyber security education programme.
About You: Essential Skills:
- Minimum of two years' management or supervisory experience in a similar role.
- A deep understanding of the cyber security risks associated with various technologies and ways to manage them, ideally gained in a regulated environment.
- Proven experience of working within a DevSecOps environment.
- A recognised security related qualification, ideally CISSP.
- Penetration and vulnerability testing including remediation.
- A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus.
- Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and public cloud hosting.
- Analytical and problem-solving skills to identify and assess risks, threats, patterns and trends.
- Teamworking skills in order to collaborate with team members and third-party providers.
- Excellent verbal and written communication skills, including report writing, presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals.
- Planning and organisational skills to manage a variety of tasks and meet deadlines.
- The ability to multi-task and prioritise your workload with good attention to detail. Able to work under pressure, particularly when dealing with threats and at times of high demand.
- Experience in gaining ISO 27001 accreditation.
- Degree qualification or equivalent - preferably in a maths, science, computer science or similar field.
- Proven experience of working within a SAFe framework.
- Experience of working in the UK Financial Services sector.
Extensive benefits include:
- Discretionary bonus each year.
- Working from home options available; the role will currently be fully remote.
- Flexible working hours available.
- 25 days holiday per calendar year, with the option to purchase or sell up to 5 additional days per year.
- Cycle to Work scheme.
- Hack days.
- Attend conferences and meet-up events.
- Regular social events.
- Private Medical scheme.
- Income protection scheme.
- Group contributory pension scheme.
- Various corporate gym membership rates.
Ignite Digital Talent are committed to creating equal opportunities, and welcome job applications from all who are qualified and eligible to work in the UK, regardless of colour, ethnic or national origin, race, gender, sex, disability, age, sexual orientation, religious or political beliefs, marital status or family circumstances.
This job was originally posted as www.totaljobs.com/job/90781365