Skip to main content

This job has expired

You will need to login before you can apply for a job.

ICT Security Manager

Employer
Hays.
Location
United Kingdom, Caerphilly
Salary
Competitive
Closing date
13 Dec 2021

View more

ICT Security Manager

Cardiff - Hybrid working available

Permanent

Salary range from £50,000 - £65,000 DOE

Role Purpose

This is an excellent opportunity to join my clients thriving Cyber & information team you will be Reporting to the Group IT Director, this role leads ICT security function - of the organisation to ensure consistent and high-quality information security management in support of business goals. The role holder is responsible for owning the definition, implementation, and maintenance of all security matters for the platform, systems and applications, through design and deployment of security solutions. This includes facilitation of information security governance structure, associated tools, policies and processes, and reporting required for both protection and insight into current and upcoming threats. The role works collaboratively with the business, and alongside Infrastructure teams as part of the overall ICT function to define, influence, and won the security control landscape.

Experience, Skills and Knowledge:

  • People management and leadership experience
  • 5+ years of Technical Security experience
  • 2+ years of Security Management experience
  • Strong technical understanding/background and knowledge of security frameworks and experience delivering these
  • Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT, as well as those from NIST
  • Project management skills - financial/budget management, scheduling and resource management
  • Legal and applicable regulatory standards in relation to IT and Information Security
  • IT Security tools (SIEM, IDS, IPS, WAF, DLP, Anti-Phishing, NAC, Anti-Malware, Webproxy)
  • IP/TCP stack (TCP/UDP flows, DNS, HTTP/HTTPS)
  • SSL (Certs, Certificate Authorities, etc.)
  • SSH (Private Keys, Public Key, Exploitation)
  • Cryptography (Encryption, Hashing, Seed Generation)
Duties and Key Responsibilities Ownership of security and risk management processes and policies:

  • Auditing and understanding existing policies
  • Adjusting policies as needed to in-line with changing threat landscape
  • Aligning company policies to existing cybersecurity frameworks (NIST, etc)
  • Conducting policy/process adoption assessments


Cybersecurity strategy:

  • Maintain an understanding of the threat landscape, current and as it evolves
  • Identify risks to the business and recommend strategies to address those risks
  • Develop long-term security roadma


Compliance management:

  • In conjunction with the business, implement policies that keep the organisation compliant to regulations in countries Link group is present in
  • Co-ordinate regular interval and 3rd party compliance audits


Incident detection, management, and response:

  • Analyse information systems using appropriate tools (packet analysis, forensics), IPS/IDS, and vulnerability assessment software
  • Investigate and respond to security incidents
  • Develop standardised documentation to create records of threats, handling, and breaches
  • Documented procedures for security incidents, with practiced playbook exercises


Managing cybersecurity hygiene/diligence:

  • Support ongoing patch management initiatives
  • Support network hygiene (ports, firewalls, etc) initiatives
  • Support Website/domain security hygiene (TLS/SSL, etc) initiatives


Assessing internal cybersecurity:

  • Co-ordinate regular penetration tests, vulnerability scans, etc
  • Identify & remediate weaknesses in network and infrastructure
  • Continual improvement of security score and posture This Job Description is not an exhaustive list of tasks performed and may be required to perform other duties of a similar nature from time to time.


3 rd party risk management:

  • Manage 3rd parties from a risk perspective
  • Software assessments
  • Risk assessment questionnaire


Technology selection/management:

  • Lead the planning, testing, tracking, remediation, and risk acceptance of existing and proposed technology
  • Promote implementation of new technology, solutions, and methods to improve business processes, quality, efficiency, effectiveness and value delivered to the business users
  • Conduct ongoing reviews of technology partners

Other Role Information:
- Travel to London as appropriately required
- Possible travel to European offices

If this role is for you, please don't hesitate to contact me via the methods below
☎️: 0333 010 5115 / 07526283413
Email - Louis.white1@hays.com

I am a Senior Cyber Security Consultant for Hays Technology, specialising in providing contract and project resources for South Yorkshire, ensuring organisations are supported by the top talent. My passion for this space stems from a lifelong interest in how Cyber Security impacts people's lives and capabilities.

At Hays Technology and across the Cyber Practice we are shaping the future of recruitment. Cyber security skills have never been needed more, and data security and impenetrable protection for operating models in the cloud are a top priority. By working with organisations of all sizes - from disruptive start-ups to multinational enterprises - we have a unique insight in to how organisations are using non-permanent resource to achieve their technology strategy. So, whether you are hiring for one contractor, a team, or looking to outsource the delivery of an entire project, talk to us today


Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert