Cyber Security Manager
City & County Healthcare Group is a family of care companies delivering domiciliary care, extra care, complex care and live-in care services across the UK. As an industry leader, we're bound by a common set of values and principles in providing flexible, community-based care support of the highest standard that actively promotes the independence, dignity and choice for our clients and customers while promoting staff support and development.
Due to growth, we have an exciting opportunity to join the team in the IT Services Department for a Cyber Security Manager. This role will ensure that Security is represented and considered for both Cloud and On-premise Infrastructure. The position should ensure that Cyber Security strategy and gap analysis are maintained and also participate in all IT initiative projects which will require interaction with the organisations security. This role is critical to the organisation and is seen as highly important to protect the organisations data, reputation and continuity.
Duties & Responsibilities
Including, but not limited to:
Commercially aware to ensure that solutions are costed against risk and aligned with industry expectations.
Responsible for ensuring all risks are communicated to the business.
Train existing functions on the importance of best practice security.
Management of Cyber Security Analysts when required.
Continuous review of existing security systems.
Create Cybersecurity battle plans in the event of a breach.
Work with the Infrastructure team to ensure critical vulnerabilities and patched.
Proactively research new vulnerabilities and create a plan to remediate.
Management and maintenance of Antivirus and security systems.
Regular reviews of conditional access and MFA compliance
Keeping up to date documentation of any security related risks.
Adhere to change control procedure when working with infrastructure technologies.
Engaging in the security committee as an IT representative.
Participate in all Critical Issue calls to drive a resolution.
Investigate and document security incidents
Responsible for any email related security incidents and reviewing appropriate mail security such as Mail filters, DKIM, SPF, DMARC.
Responsible for ensuring permissions structures are reviewed.
Develop and enhance security policies, processes, procedures and technical controls to strengthen security capabilities and resilience to cyber threats.
Generate reports for both technical and non-technical staff and stakeholders
Maintain security gap analysis and strategy documents.
Manage DLP, MFA and Auditing Software at an expert level.
Manage to NIST and NCSC best practices
Develop and document threats and threat models
Manage certification process for Cyber Essentials, ISO 27001, NHS Toolkit and other security qualifications.
Project manage infrastructure and security changes in an AGILE project method.
A minimum of 3 years experience in a security related role
The ability to manage a small team where required.
Self-starter who requires little direction
Ability to articulate risk to the business and advocate to do the right thing.
A passion for cyber security and infrastructure.
Business literate, confident and enthusiastic about technology.
Diligent with a high attention detail.
Confident to highlight security risks and be security driven.
The ability to collaborate with other departments to look for other solutions if security becomes restrictive.
Degree level qualification in IT or similar
Security related certifications. COMPTIA Security+ /CISA/CISSP
Time-management and organisational skills to manage a variety of tasks and meet deadlines
Able to work in a fast paced, regulated business with constant growth plans.
This is a full time permanent position in Altrincham with a fantastic company that encourages staff to reach their full potential. Continuous training and support will be provided, and you will have a fantastic Senior Management Team to work alongside to grow the business and support your own career development.
City and County Healthcare Group is an equal opportunities employer