Connecting to LinkedIn...

IT Security Manager

Job Title: IT Security Manager
Contract Type: Permanent
Location: Elstree, United Kingdom
Industry:
Salary: 75000.0
REF: 1250
Contact Name: Peter Sanders
Contact Email: peter.sanders@identifiglobal.com
Job Published: 10 months ago

Job Description

IT Security Manager - Global SaaS Business - Hertfordshire - £75k + Bonus + Bens

IT Security Manager required to join this exciting SaaS Service, business. If you are excited by the tech space and want to join an innovative, market leading organization, recognised by Gartner's, leaders quadrant, this is the business for you! Here your work will help deliver services to some of the worlds largest enterprises, who rely on this pioneering technology to deliver business communications, globally 

Summary
 

Reporting to VP GRC you will be accountable for secure system design and policies that ensure the organization’s computers, networks, and data are protected against internal and external threats within a highly-regulated environment. You will play a crucial role in the success of the organisations security and compliance. 

We are looking for an experienced IT Security Manager or Security Architect with a proven track record of implementing security controls in a Unix/Linux and Windows environment. You have a strong background in information technology with a clear understanding of the challenges of information security within a SaaS environment. Confidence working with external auditors is essential to make sure an organization is compliant with PCI DSS, ISO 27001 and SOC controls.

You thrive in reviewing system design from a security perspective and providing guidance on good practices and compliance to help the business sustain its security accreditation's
 

Key Responsibilities:
• Development and management of Information Security policies.
• Responsible for system design and policies that ensure the organization’s computers, networks and data are protected against threats, such as security breaches, computer viruses or attacks by cyber-criminals.
• Ensure procedures and automated processes are set-up to monitor the status of computers and networks to adhere with security policies.
• Assessing the organization’s security measures to identify any weak points and remediate any issues.
• Responsible for vulnerability management including assessment, prioritization and impact analysis and guidance on patching and or configuration changes.
• Respond to security questionnaires as part of RFPs and audits from clients, prospects and auditors.
• Set-up and run security calls and audits with prospects and clients as part of sales cycle and clients annual review and work with key business stakeholders to remediate any findings.
• Manage Information Security Incident Responses, assessing impact, risk and actions to be taken.
• Reporting and remediating security events, potential events or other security risks.
• Secure development lifecycle review and approve secure code designs, pen-tests and scans.
• Act as a final signoff for application security changes/additions and release to production.
• Liaise with 3rd parties and own the vulnerability scans and external penetration tests and any outsourced security services.
What we’re looking for:

 

Information Security Manager Skills & experience:


• Relevant Security certifications (CISSP, CISM, CISA Etc).
• Technical understanding of Unix/Linux and Windows environments
• Full understanding of PCI DSS and ISO 27001 Controls and experience taking organization through certification process
• Hands on experience in management and configuration of SIEM tools.
• Management and configuring IPS/IDS Systems
• Key Management and cryptography.
• Patch Management and implementation cycles.
• Proven track record of working with penetration testing partners, organizing pen-tests and helping to remediate findings.
• Access management, approval and control.
• Proven ability to make risk based decisions in remediating issues

 

Advantageous skills/experience
• Understanding of how a company provides services from multiple datacenters and across regions whilst maintaining compliance.
• Understanding of EU data protection regulation/GDPR.
• Knowledge of BCM framework and controls based on ISO 22301.
• Experience with frameworks such as ITIL, COBIT 5

 

Other Key Benefits


- Annual Bonus

- Flexible Working Enviornment

- Extensive Flexible Bens Inc. Life Assurance, Health Assurance, Income Protection etc, 

- Subsidsed Gym

- 25 Days Holiday + BH