This company is at the start of an exciting journey of transformation, growth and evolution. With 200 years of history behind them, they are now looking to the future. This huge player in UK keep energy flowing to over 12 million customer's homes and businesses across the UK.
About the Role
As the Information Security Manager you'll support the definition of strategies, policies, processes and guidelines for how the business operate and manage cyber security controls across it's networks, systems and data. You'll be seen as a subject matter expert in the areas of IT and security controls, defining effective KPI's and reporting, risk, compliance and assurance. You'll be responsible for taking the lead and provide a focal point for security and information risk matters.
Lead a team of direct and indirect security specialists to establish risk mitigation activities, standards, policies and controls
Define appropriate strategies, policies, standards and guidelines and controls to address threats and associated risks
Create and implement security non-functional requirements to support business digital strategy and associated technology roadmap.
Technical authority for decisions at both strategic and tactical levels that balances risk versus policy compliance.
Assurance of projects to assess and mitigate security vulnerabilities.
Workload management and allocation of assurance activities
Internal and external stakeholder management, for example Supply Chain and Commercial for contract analysis, Regulator for compliance reporting and assurance reviews
Reporting and tracking on solution compliance and exceptions
Undertake risk assessments of systems based on agreed security policies, standards and industry best practise
Lead on security incident and breach investigations in line with appropriate regulatory and legal compliance standards
What are they looking for?
Proven track record of developing, implementing and operating security platforms across an enterprise network.
Experience of completing third party security risk assessments and third party reviews.
Experience of delivering compliance programmes for regulatory and compliance frameworks
Experience of co-ordinating internal and external reviews for security frameworks Payment Card Industry Data Security Standard (PCI DSS), NIS Directive and SWIFT.
Knowledge of IT and security controls and related principles.
Able to demonstrate a high degree of credibility and influence senior stakeholders.
Proven people management skills with a track record of leading a team, communicating and collaborating effectively
Able to operate as a highly independent worker and as part of a strong team with a collaborative approach.
Prior Critical National Infrastructure (CNI) and utility industry experience would be ideal
You will be an articulate technologist with demonstrated ability to communicate technology solutions in relevant business terms on a peer basis and at senior level
Demonstrable knowledge of IT network features and functions, including virtual networking, principles and common practice in network security and the OSI and TCP/IP models, and the function and features of the main network appliances
Extensive experience of cyber security within cloud networks (Azure, AWS, Salesforce)
Demonstrable experience of defining and adapting security processes and controls to respond to both current and emerging threats and new attack techniques, hazards and vulnerabilities relevant to the network and business environment.
Knowledge of applicable laws such as data protection, computer misuse act and copyright law.
Proven experience of forensic processes including knowledge of criminal processes/contact with ACPO/NCCC
Good level of knowledge of existing and emerging technologies and of industry best practice in IT development and delivery.
Delivery oriented and ability to work under pressure in a complex business environment
Highly developed analytical skills
High levels of initiative, professionalism, independence and resilience
If you'd like to be considered for the above and are interested in a further conversation, please apply or get in touch