The Role:

The primary objective of this role is to lead and manage the DB Systel UK Information Security capability, responsible for delivering security support services across operational environments for a diverse European customer base. As the IT Security Manager, you will play a crucial role in overseeing daily IT security operations, ensuring that robust processes are in place to protect operational systems in compliance with ISO27001 and ISO27017 standards.

You will serve as the escalation point for resolving operational security issues, ensuring swift and effective resolutions. This position is ideal for an energetic and experienced manager with a strong passion for IT security, commitment to high standards, and a track record of exceptional customer satisfaction.

The successful candidate will foster a collaborative, dynamic, and innovative work environment. Strong leadership, problem-solving abilities, and excellent communication skills are essential to succeed in this role.

Responsibilities:

• Lead and manage the Security capability, serving as the escalation point for issues, overseeing daily workload, and prioritizing security-related tasks as needed.
• Develop, implement, and maintain the Information Security Management System (ISMS) in alignment with ISO27001 and ISO27017 standards.
• Establish and enhance IT Security Policies to support robust security practices.
• Collaborate with stakeholders to maintain DB Systel UK’s Risk Register, ensuring risks are identified and managed effectively.
• Develop and execute incident response plans; take ownership of high-priority security incidents and requests, ensuring timely resolution and alignment with team objectives.
• Manage a comprehensive training and awareness program, promoting security best practices across the organization.
• Oversee security in supplier management to identify risks, enforce compliance, and implement corrective actions when necessary.
• Ensure the day-to-day application of operational security practices.
• Lead vulnerability assessments and penetration testing using tools such as Greenbone and Qualys.
• Stay informed on current security trends, emerging threats, and relevant legislation.
• Oversee the implementation and maintenance of DB Systel UK’s Disaster Recovery and Business Continuity Plan.
• Develop effective Network usage and Auditing methods.
• Work closely with the DeutscheBahn Group Compliance with regards to Security, Data Protection and Information Handling.
• Identify service inadequacies and lead on service improvement plans in security.
• Provide regular security reports to key stake holders and customers outlining risks, incident response metrics and ISMS effectiveness.

The Successful Candidate:

• Ideally educated to degree level in the field of computer science or equivalent.
• At least 5 years’ experience in an IT Infrastructure environment.
• At least 2 years’ experience managing an ISMS (ISO27001).
• Experience in dealing with security incidents and security vulnerabilities.
• Knowledge of network monitoring tools and traffic analysis.
• Knowledge of threat and vulnerability analysis, risk assessment and business impact analysis.
• Experience of writing effective security policies and procedures.
• Experience/knowledge of Active directory structure with multiple domains and associated domain infrastructure services (DNS / DHCP / Certificates etc).
• Managing security operations for multiple customers.
• Ability to work under pressure and prioritize successfully.
• Client facing customer roles.

Specific Additional/Personal Requirements:

• High level of management and leadership skills gained in an IT environment.
• Be charismatic providing direct, credible, and authoritative interaction at all levels with senior stakeholders, executives, colleagues, and customers alike and be regarded as a leader by the team.
• The ability to communicate effectively and with appropriate sensitivity with a wide variety of colleagues, suppliers, and customers.
• Must be able to work under own initiative without the need for close supervision being self-motivated with a willingness to take responsibility exercising initiative with the ability to take ownership of difficult situations.
• Excellent customer service skills with good written and verbal communication skills.
• Experience of training, coaching, mentoring, leading, managing, and supervising staff, and workloads.
• A confident self-starter with a can do attitude and the ability to multi-task, prioritize workloads effectively and be able to deal with a variety of tasks working under their own initiative without the need for close supervision with an understanding of ambiguity.
• Demonstrate the active listening, coaching, decision making, interpersonal communication, judgment, monitoring, and time management.

In addition:

• Travel between sites in the UK may be required with occasional overseas travel to Group Headquarters (Germany) and on occasion may involve the transport and deployment of equipment.
• Hold a UK driving license.