IT Security Manager/Officer – Peterborough - £60-65k. Depending on Experience.
You are an experienced information Security Manager or Security Architect or Senior Security Engineer with a proven track record of implementing security controls in a service led environment. You have a strong background in information technology with a clear understanding of the challenges of information security within an IaaS environment. You thrive in reviewing system design from a security perspective and providing guidance on good practices and compliance to help the business and their customers sustain its security posture.
• Development and management of Information Security policies.
• Responsible for system design and policies that ensure the organization’s computers, networks and data are protected against threats, such as security breaches, computer viruses or attacks by cyber-criminals.
• Ensure procedures and automated processes are set-up to monitor the status of computers and networks to adhere with security policies.
• Assessing the organization’s security measures to identify any weak points and remediate any issues.
• Responsible for vulnerability management including assessment, prioritization and impact analysis and guidance on patching and or configuration changes.
• Respond to security questionnaires as part of RFPs and audits from clients, prospects and auditors.
• Set-up and run security calls and audits with prospects and clients as part clients annual review and work with key business stakeholders to remediate any findings.
• Manage Information Security Incident Responses, assessing impact, risk and actions to be taken.
• Reporting and remediating security events, potential events or other security risks.
• Liaise with 3rd parties and own the vulnerability scans and external penetration tests and any outsourced security services.
What we’re looking for:
• Security certifications (CISSP, CISM and CISA advantages).
• Technical understanding of Microsoft platforms including Exchange, Windows and Active Directory, Citirix, VMware environments
• Patch Management and implementation cycles.
• Proven track record of working with penetration testing partners, organizing pen-tests and helping to remediate findings.
• Access management, approval and control.
• Proven ability to make risk based decisions in remediating issues
• Balanced approach to security, understands best practice but also when a pragmatic approach is appropriate
• Understanding of how a company provides services from virtualized environments and across regions whilst maintaining compliance.
• Understanding of EU data protection regulation/GDPR.
• Good understanding of security technologies such as SIEM tools (Splunk), IDS/IPS, Vulnerability management (Qualys)
Up to 10% bonus – 5% based on personal performance and 5% based on business
3 month notice period
Pension scheme – 4% paid by individual/4% paid by business on a like for like basis up to 10%
Cycle to Work scheme
My Staff Shop